"MongoBleed": Exploit for critical vulnerability in MongoDB makes attacks easier

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited ...

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.

MongoDB: Critical Security Vulnerability in NoSQL Database

MongoDB warns of a critical security vulnerability affecting recent versions. Admins should patch immediately.

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
The Hacker News

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard fixed CVE-2025-14733, a critical Fireware OS VPN flaw with CVSS 9.3 that is actively exploited in the wild.
Ars Technica

Attackers exploit critical Zimbra vulnerability using cc’d email addresses

Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The ...
SecurityWeek

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...
Que.com on MSN

Cybersecurity alert: How hackers exploit holiday seasons for attacks

In an increasingly digitized world, cybersecurity remains a critical concern. Research shows that cyberattacks spike during holiday seasons. As people ...
Infosecurity-magazine.com

Malicious Actors Exploit ProjectSend Critical Vulnerability

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...
TechRepublic

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...
Dark Reading

Coalition Releases Security Vulnerability Exploit Scoring System

SAN FRANCISCO — June 15, 2023 — Coalition, the world's first Active Insurance provider designed to prevent digital risk before it strikes, today announced the Coalition Exploit Scoring System ...