Hackers Claim Breach of WIRED Database Containing 2.3 million Subscriber Records
Hackers have leaked a database containing over 2.3 million WIRED subscriber records, marking a major breach at Condé Nast, the parent company. The threat actor…
Category: CyberSecurityNews
MongoDB Servers at Critical Risk
A high-severity unauthenticated information-leak vulnerability in MongoDB Server, dubbed MongoBleed after the infamous Heartbleed bug, is now being actively exploited in real-world attacks. MongoDB has…
Ubisoft Rainbow Six Siege Servers Breach linked to MongoBleed Vulnerability
The chaos surrounding Ubisoft escalated significantly today as the first group of hackers, previously known for silent exploits, initiated a highly visible and disruptive takeover…
87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online
A high-severity vulnerability in MongoDB Server that allows unauthenticated remote attackers to siphon sensitive data from database memory. Dubbed “MongoBleed” due to its automated similarities…
Mongobleed PoC Exploit Tool Released for MongoDB Flaw that Exposes Sensitive Data
A proof-of-concept (PoC) exploit dubbed “mongobleed” for CVE-2025-14847, a critical unauthenticated memory leak vulnerability in MongoDB’s zlib decompression handling. Dubbed by its creator Joe Desimone…
TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data
Multiple critical vulnerabilities in TeamViewer DEX Client’s Content Distribution Service (NomadBranch.exe), formerly part of 1E Client. Affecting Windows versions before 25.11 and select older branches,…
M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users
An information disclosure vulnerability in M-Files Server enables authenticated attackers to capture and reuse session tokens from active users. Potentially gaining unauthorized access to sensitive…
TrustWallet Chrome Extension Hacked – Users Reporting Millions in Losses
Many Trust Wallet users saw their wallets drained of over $7 million after a security breach in the Chrome browser extension version 2.68.0, released on…
Parrot 7.0 Released with New Penetration Testing and AI Tools
Parrot OS 7.0, codenamed Echo, launches as a complete system rewrite based on Debian 13, bringing KDE Plasma 6, Wayland by default, and fresh penetration…
Critical Langchain Vulnerability Let attackers Exfiltrate Sensitive Secrets from AI systems
A critical vulnerability in LangChain’s core library (CVE-2025-68664) allows attackers to exfiltrate sensitive environment variables and potentially execute code through deserialization flaws. Discovered by a…
Google Now Allows Users to Change Their @gmail.com Email Address
For years, one of the most persistent frustrations for Google users has been the inability to alter their primary email address without creating an entirely…
Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash
A new critical vulnerability affecting the Net-SNMP software suite has been disclosed, posing a significant risk to network infrastructure worldwide. Tracked as CVE-2025-68615, this security flaw…