home.social

#mongobleed — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #mongobleed, aggregated by home.social.

  1. 🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!

    → It includes the following and much more:

    🔓️ #BreachForums had its user database leaked;

    #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;

    🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;

    🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week

    🐧 New modular #Linux malware framework called #VoidLink;

    🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;

    📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;

    --

    👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

    infosec-mashup.santolaria.net/

  2. 🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!

    → It includes the following and much more:

    🔓️ #BreachForums had its user database leaked;

    #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;

    🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;

    🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week

    🐧 New modular #Linux malware framework called #VoidLink;

    🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;

    📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;

    --

    👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

    infosec-mashup.santolaria.net/

  3. 🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!

    → It includes the following and much more:

    🔓️ #BreachForums had its user database leaked;

    #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;

    🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;

    🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week

    🐧 New modular #Linux malware framework called #VoidLink;

    🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;

    📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;

    --

    👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

    infosec-mashup.santolaria.net/

  4. 🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!

    → It includes the following and much more:

    🔓️ #BreachForums had its user database leaked;

    #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;

    🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;

    🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week

    🐧 New modular #Linux malware framework called #VoidLink;

    🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;

    📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;

    --

    👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

    infosec-mashup.santolaria.net/

  5. 🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!

    → It includes the following and much more:

    🔓️ #BreachForums had its user database leaked;

    #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;

    🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;

    🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week

    🐧 New modular #Linux malware framework called #VoidLink;

    🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;

    📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;

    --

    👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

    infosec-mashup.santolaria.net/

  6. One more side project? :blobcat:
    🥭 🩸 🍯

    #mongobleed #CVE-2025-14847

  7. One more side project? :blobcat:
    🥭 🩸 🍯

    #mongobleed #CVE-2025-14847

  8. One more side project? :blobcat:
    🥭 🩸 🍯

    #mongobleed #CVE-2025-14847

  9. One more side project? :blobcat:
    🥭 🩸 🍯

    #mongobleed #CVE-2025-14847

  10. One more side project? :blobcat:
    🥭 🩸 🍯

    #mongobleed #CVE-2025-14847

  11. Mongobleed (CVE-2025-14847): Lỗ hổng lộ lọt bộ nhớ thời gian chạy trong MongoDB có thể làm lộ dữ liệu nhạy cảm mà không kích hoạt cảnh báo. Làm thế nào để phát hiện rò rỉ bộ nhớ thời gian chạy trong khi vẫn giữ tiếng ồn ở mức tối thiểu? Xem bài viết trên blog của Armosec.io. #cybersecurity #vulnerability #MongoDB #Mongobleed #CVE202514847 #bảo_mật #lỗ_hổng #phát_hiện_rò_rỉ_bộ_nhớ

    reddit.com/r/SaaS/comments/1q1

  12. Mongobleed (CVE-2025-14847): Lỗ hổng lộ lọt bộ nhớ thời gian chạy trong MongoDB có thể làm lộ dữ liệu nhạy cảm mà không kích hoạt cảnh báo. Làm thế nào để phát hiện rò rỉ bộ nhớ thời gian chạy trong khi vẫn giữ tiếng ồn ở mức tối thiểu? Xem bài viết trên blog của Armosec.io. #cybersecurity #vulnerability #MongoDB #Mongobleed #CVE202514847 #bảo_mật #lỗ_hổng #phát_hiện_rò_rỉ_bộ_nhớ

    reddit.com/r/SaaS/comments/1q1

  13. 🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.

    Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.

    Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.

    Deets and detection here: 👉 pentest-tools.com/vulnerabilit

  14. 🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.

    Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.

    Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.

    Deets and detection here: 👉 pentest-tools.com/vulnerabilit

  15. 🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.

    Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.

    Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.

    Deets and detection here: 👉 pentest-tools.com/vulnerabilit

  16. 🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.

    Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.

    Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.

    Deets and detection here: 👉 pentest-tools.com/vulnerabilit

  17. 🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.

    Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.

    Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.

    Deets and detection here: 👉 pentest-tools.com/vulnerabilit

  18. MongoDB have a blog out about #MongoBleed

    Notably:

    - Internal find at MongoDB

    - they notified customers of the issue and patch availability on December 23rd

    - A security vendor published technical details on December 24th, Christmas Eve

    - Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day

    That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.

  19. MongoDB have a blog out about #MongoBleed

    Notably:

    - Internal find at MongoDB

    - they notified customers of the issue and patch availability on December 23rd

    - A security vendor published technical details on December 24th, Christmas Eve

    - Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day

    That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.

  20. MongoDB have a blog out about #MongoBleed

    Notably:

    - Internal find at MongoDB

    - they notified customers of the issue and patch availability on December 23rd

    - A security vendor published technical details on December 24th, Christmas Eve

    - Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day

    That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.

  21. MongoDB have a blog out about #MongoBleed

    Notably:

    - Internal find at MongoDB

    - they notified customers of the issue and patch availability on December 23rd

    - A security vendor published technical details on December 24th, Christmas Eve

    - Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day

    That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.

  22. MongoDB have a blog out about #MongoBleed

    Notably:

    - Internal find at MongoDB

    - they notified customers of the issue and patch availability on December 23rd

    - A security vendor published technical details on December 24th, Christmas Eve

    - Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day

    That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.

  23. Une faille de sécurité importante concerne presque toutes les versions de MongoDB. Tous les serveurs que nous infogérons ont été patchés (même si évidemment le port MongoDB était restreint). #MongoBleed
    Plus de détails sur next.ink/216574/mongobleed-une

  24. Une faille de sécurité importante concerne presque toutes les versions de MongoDB. Tous les serveurs que nous infogérons ont été patchés (même si évidemment le port MongoDB était restreint). #MongoBleed
    Plus de détails sur next.ink/216574/mongobleed-une

  25. Une faille de sécurité importante concerne presque toutes les versions de MongoDB. Tous les serveurs que nous infogérons ont été patchés (même si évidemment le port MongoDB était restreint). #MongoBleed
    Plus de détails sur next.ink/216574/mongobleed-une

  26. Ubisoft shuts down Rainbow Six Siege after the new exploit hit players, causing account disruption and forcing rollback of in‑game transactions.

    Read: hackread.com/mongodb-exploit-u

  27. Critical MongoDB Uninitialized Memory Disclosure Vulnerability [CVE-2025-14847] #MongoBleed

    From Censys scanning, we're seeing around 87,000 possibly vulnerable hosts

    censys.com/advisory/cve-2025-1