"MongoBleed": Exploit for critical vulnerability in MongoDB makes attacks easier

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...
SecurityWeek

Fresh MongoDB Vulnerability Exploited in Attacks

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...
Dark Reading

Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices

With attacks on the critical firewall vulnerability, WatchGuard joins a list of edge device vendors whose products have been ...
Engadget

Google just patched the fifth zero-day exploit for Chrome this year

Google has released a security update for the Chrome browser to fix a zero-day vulnerability exploit that has been used by threat actors. This is the fifth time this year the company has had to issue ...
Live Bitcoin News

Flow Blockchain Prepares Full Restart After $3.9M Bridge Exploit

Flow Blockchain moves toward a full restart after a $3.9 million exploit, with user funds safe and recovery underway.
Ars Technica

Attackers exploit critical Zimbra vulnerability using cc’d email addresses

Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The ...
Searchenginejournal.com

All in One SEO Pack Vulnerability – New Exploit

Researchers discovered a type of issue that is called a cross site scripting vulnerability (XSS). It can generally involve a compromised input interface. So anywhere that a user can input and upload ...
Bleeping Computer

Exploit released for critical VMware RCE vulnerability, patch now

Proof-of-concept exploit code is now available for a pre-authentication remote code execution (RCE) vulnerability allowing attackers to execute arbitrary code remotely with root privileges on ...
ZDNet

Exploit released for VMware vulnerability after CISA warning

According to experts tracking the issue, a working exploit for CVE-2021-22005 -- a vulnerability with VMware vCenter -- has been released and is reportedly being used by threat actors. A roundup of ...
Computerworld

Hackers exploit JBoss vulnerability to compromise servers

Attackers are actively exploiting a known vulnerability to compromise JBoss Java EE application servers that expose the HTTP Invoker service to the Internet in an insecure manner. At the beginning of ...
Ars Technica

Attackers exploit 0-day vulnerability that gives full control of Android phones

Attackers are exploiting a zero-day vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel ...
ZDNet

Automated exploit of critical SAP SolMan vulnerability detected in the wild

Automated probes for servers containing a severe vulnerability in SAP software have been detected a week after a working exploit was published online. The vulnerability, tracked as CVE-2020-6207, is a ...