SecurityWeek

Fresh MongoDB Vulnerability Exploited in Attacks

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...

CISA orders feds to patch MongoBleed flaw exploited in attacks

CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

How Malya Jain Approaches Modern Threats in a Changing Cyber Landscape

As a cybersecurity engineer, she leads efforts to uncover and seal the different ways in which data can fall into the wrong ...
Krebs on Security

The Kimwolf Botnet is Stalking Your Local Network

The security company Synthient currently sees more than 2 million infected Kimwolf devices distributed globally but with ...
BeInCrypto

ZachXBT Flags Ongoing Wallet Exploit With Losses Exceeding $107,000

An active exploit is draining hundreds of wallets across EVM chains, with losses over $107,000 as investigators race for answers.
CoinDesk

Unleash Protocol hit by $3.9 million exploit with funds routed through Tornado Cash

An attacker seized control of Unleash Protocol’s multisig governance to upgrade contracts and siphon funds, which were later ...
The Hacker News

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...

Thousands of servers exposed as MongoBleed vulnerability exploited

In its writeup, BleepingComputer confirms that there are roughly 87,000 potentially vulnerable instances exposed on the ...