CISA orders feds to patch MongoBleed flaw exploited in attacks

Published on December 30, 2025

CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to steal credentials, API keys, and other sensitive data. [...]

Continue reading on website
Other news

Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware

December 30, 2025
The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos 4.0)."This sophisticated attack leverages a complex kill chain involving DLL hijacking and the modular Valley RAT to ensure persistence," CloudSEK researchers Prajwal Awasthi and Koushik Pal said in an

US cybersecurity experts plead guilty to BlackCat ransomware attacks

December 30, 2025
Two former employees of cybersecurity incident response companies Sygnia and DigitalMint have pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023. [...]