GovInfoSecurity

75,000 MongoDBs Exposed as Attackers Exploit 'MongoBleed'

Tens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in ...

"MongoBleed": Exploit for critical vulnerability in MongoDB makes attacks easier

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...
PC World

Exploit released for vulnerability targeted by Linksys router worm

Technical details about a vulnerability in Linksys routers that’s being exploited by a new worm have been released Sunday along with a proof-of-concept exploit and a larger than earlier expected list ...
Security Boulevard

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

A recently disclosed vulnerability affecting MongoDB instances has been reportedly exploited in the wild. Exploit code has been released for this flaw dubbed MongoBleed.Key takeaways:MongoBleed is a ...
SecurityWeek

Fresh MongoDB Vulnerability Exploited in Attacks

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...
The Register on MSN

An early end to the holidays: 'Heartbleed of MongoDB' is now under active exploit

You didn't think you'd get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB ...
CSOonline

Cybercriminals add new exploit for patched Java vulnerability to their arsenal

Cybercriminals were quick to integrate a newly released exploit for a Java vulnerability patched in June into a tool used to launch mass attacks against users, an independent malware researcher warned ...

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.
ZDNet

Exploit released for VMware vulnerability after CISA warning

According to experts tracking the issue, a working exploit for CVE-2021-22005 -- a vulnerability with VMware vCenter -- has been released and is reportedly being used by threat actors. A roundup of ...
ZDNet

Automated exploit of critical SAP SolMan vulnerability detected in the wild

Automated probes for servers containing a severe vulnerability in SAP software have been detected a week after a working exploit was published online. The vulnerability, tracked as CVE-2020-6207, is a ...
Ars Technica

High-severity vulnerability in vBulletin is being actively exploited

Attackers are mass-exploiting an anonymously disclosed vulnerability that makes it possible to take control of servers running vBulletin, one of the Internet’s most popular applications for website ...
Ars Technica

Attackers exploit 0-day vulnerability that gives full control of Android phones

Attackers are exploiting a zero-day vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel ...