MongoBleed (CVE-2025-14847) Now Exploited in the Wild: MongoDB Servers at Critical Risk
A high-severity unauthenticated information-leak vulnerability in MongoDB Server, dubbed MongoBleed after the infamous Heartbleed bug, is now being actively exploited
Ubisoft Rainbow Six Siege Servers Breach linked to MongoBleed Vulnerability
The chaos surrounding Ubisoft escalated significantly today as the first group of hackers, previously known for silent exploits, initiated a
Massive Rainbow Six Siege breach gives players billions of credits
Ubisoft’s Rainbow Six Siege (R6) suffered a breach that allowed hackers to abuse internal systems to ban and unban players,
87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online PoC Exploit Released
A high-severity vulnerability in MongoDB Server that allows unauthenticated remote attackers to siphon sensitive data from database memory. Dubbed “MongoBleed”
Mongobleed PoC Exploit Tool Released for MongoDB Flaw that Exposes Sensitive Data
A proof-of-concept (PoC) exploit dubbed “mongobleed” for CVE-2025-14847, a critical unauthenticated memory leak vulnerability in MongoDB’s zlib decompression handling. Dubbed
OpenAI’s ChatGPT ads will allegedly prioritize sponsored content in answers
OpenAI is reportedly mulling a new form of ads on ChatGPT called “sponsored content,” which could influence your buying decisions.
New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory
Dec 27, 2025Ravie LakshmananDatabase Security / Vulnerability A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated
TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data
Multiple critical vulnerabilities in TeamViewer DEX Client’s Content Distribution Service (NomadBranch.exe), formerly part of 1E Client. Affecting Windows versions before
M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users
An information disclosure vulnerability in M-Files Server enables authenticated attackers to capture and reuse session tokens from active users. Potentially
Fake GrubHub emails promise tenfold return on sent cryptocurrency
Grubhub users received fraudulent messages, apparently from a company email address, promising a tenfold bitcoin payout in return for a
Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code
Dec 26, 2025Ravie LakshmananCryptocurrency / Incident Response Trust Wallet is urging users to update its Google Chrome extension to the
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary