Security researchers have discovered an attack method called Dark Skippy that hackers can use to extract private keys from Bitcoin hardware wallets with only two signed transactions. The vulnerability may affect all hardware wallet models, but it will only work if the attacker tricks the victim into downloading malicious firmware. The new version of Dark Skippy only requires a few transactions to execute, and the attack can be performed even if the user relies on a separate device to generate a mnemonic. (Cointelegraph)