-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about the active exploitation of CVE-2025-14847, a severe vulnerability affecting MongoDB and MongoDB Server. The flaw was added to CISA’s Known Exploi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s latest innovation may have opened the door to sophisticated cyberattacks. At Build 2025, the company introduced “Connected Agents,” a feature in Copilot Studio that allows AI agents to communicate and share functionality a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cyberespionage campaign leveraging kernel-mode rootkit technology has been discovered targeting government organizations across Southeast and East Asia, with Myanmar and Thailand bearing the brunt of attacks. Security researchers identi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The popular text editor EmEditor fell victim to a sophisticated supply chain attack between December 19-22, 2025, in which attackers compromised the official website to distribute malware-laced installation packages. Emurasoft, Inc., the software’…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over 74,000 MongoDB database servers remain vulnerable to a critical security flaw after proof-of-concept exploit code for the MongoBleed vulnerability became publicly available. The Shadowserver Foundation reports that 74,854 exposed MongoDB instances…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A former employee of South Korean e-commerce giant Coupang attempted to destroy evidence of a massive data theft by throwing his MacBook Air into a river, investigators revealed this week. The desperate act failed spectacularly, with forensic experts r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a massive coordinated exploitation campaign where threat actors launched over 2.5 million malicious requests against vulnerable systems during the Christmas 2025 holiday period. The campaign represents a sophisticate…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe unauthenticated remote code execution vulnerability has been discovered in XSpeeder networking devices, potentially affecting more than 70,000 publicly accessible hosts worldwide. Tracked as CVE-2025-54322, the flaw allows attackers to gain ro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have disclosed critical vulnerabilities in Airoha-based Bluetooth headphones that enable attackers to compromise connected smartphones through chained exploits. The three vulnerabilities CVE-2025-20700, CVE-2025-20701, and CVE-2025…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat intelligence researchers at CloudSEK have uncovered a sophisticated phishing campaign targeting Indian entities using Income Tax-themed lures, attributed to the Chinese-aligned Silver Fox APT group. The campaign employs an advanced multi-stage m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
