SecurityWeek

Fresh MongoDB Vulnerability Exploited in Attacks

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...

"MongoBleed": Exploit for critical vulnerability in MongoDB makes attacks easier

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...
Security Boulevard

Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern ...

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...

Hackers exploit newly patched Fortinet auth bypass flaws

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to ...
Dark Reading

New Exploit Broker on the Scene Pays Premium for Signal App Zero-Days

Gray-market exploit brokers are alive and kicking, with the latest sign of this flourishing market coming in the form of a bidding war for Signal messaging app zero-days from a relatively new entrant.
Bleeping Computer

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...
Forbes

New Emergency Google Chrome Security Update—0Day Exploit Confirmed

Google has confirmed that a zero-day security vulnerability in its Chrome web browser is being actively exploited and has issued a rare emergency security update in response. Although Chrome security ...
Business Wire

Offensive Security Launches New Course and Certification for Exploit Development and ...

NEW YORK--(BUSINESS WIRE)--Offensive Security, the leading provider of hands-on cybersecurity training and certifications, today announced the launch of Windows User Mode Exploit Development (EXP-301) ...
ZDNet

Security researchers say this scary exploit could render all VPNs useless

Security researchers have revealed a method for rendering any virtual private network (VPN) useless. And they suspect that their exploit may have been in the wild for years -- and malicious actors may ...
Dark Reading

Offensive Security Launches New Course and Certification for Exploit Development and ...

NEW YORK – January 27, 2021 – Offensive Security, the leading provider of hands-on cybersecurity training and certifications, today announced the launch of Windows User Mode Exploit Development ...
The Atlantic

Security Exploit Snapchat Was Warned About Has Compromised 4.6 Million Users' Information

Snapchat, the temporary photo-sharing app that Reuters called one of 2013's "top smartphone apps," has been hacked, with 4.6 million usernames and associated phone numbers compiled into a database ...
The Verge

Security researcher finds a way to run code on Apple, PayPal, and Microsoft’s systems

Security researcher Alex Birsan has found a security vulnerability that allowed him to run code on servers owned by Apple, Microsoft, PayPal, and over 30 other companies (via Bleeping Computer). The ...