#mongobleed — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #mongobleed, aggregated by home.social.
-
#MongoBleed and #Shodan is a dangerous combination. #security
-
#MongoBleed and #Shodan is a dangerous combination. #security
-
#MongoBleed and #Shodan is a dangerous combination. #security
-
#MongoBleed and #Shodan is a dangerous combination. #security
-
#MongoBleed and #Shodan is a dangerous combination. #security
-
🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!
→ It includes the following and much more:
🔓️ #BreachForums had its user database leaked;
❌ #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;
🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;
🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week
🐧 New modular #Linux malware framework called #VoidLink;
🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;
📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;
--
👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-03-2026
-
🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!
→ It includes the following and much more:
🔓️ #BreachForums had its user database leaked;
❌ #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;
🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;
🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week
🐧 New modular #Linux malware framework called #VoidLink;
🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;
📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;
--
👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-03-2026
-
🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!
→ It includes the following and much more:
🔓️ #BreachForums had its user database leaked;
❌ #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;
🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;
🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week
🐧 New modular #Linux malware framework called #VoidLink;
🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;
📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;
--
👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-03-2026
-
🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!
→ It includes the following and much more:
🔓️ #BreachForums had its user database leaked;
❌ #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;
🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;
🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week
🐧 New modular #Linux malware framework called #VoidLink;
🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;
📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;
--
👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-03-2026
-
🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #03/2026 is out!
→ It includes the following and much more:
🔓️ #BreachForums had its user database leaked;
❌ #RedVDS Infrastructure seized by #Microsoft and Law Enforcement;
🇪🇸 🇪🇺 #Europol and Spanish police arrested 34 people linked to the Black Axe;
🇮🇷 🔌 #Iran has cut off internet and phone access nationwide for more than a week
🐧 New modular #Linux malware framework called #VoidLink;
🩸 #MongoBleed, a critical, unauthenticated #MongoDB memory-leak vulnerability;
📆 🩹 Microsoft #PatchTuesday addresses 112 defects, including one actively exploited zero-day;
--
👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-03-2026
-
One more side project? :blobcat:
🥭 🩸 🍯#mongobleed #CVE-2025-14847
-
One more side project? :blobcat:
🥭 🩸 🍯#mongobleed #CVE-2025-14847
-
One more side project? :blobcat:
🥭 🩸 🍯#mongobleed #CVE-2025-14847
-
One more side project? :blobcat:
🥭 🩸 🍯#mongobleed #CVE-2025-14847
-
One more side project? :blobcat:
🥭 🩸 🍯#mongobleed #CVE-2025-14847
-
Mongobleed (CVE-2025-14847): Lỗ hổng lộ lọt bộ nhớ thời gian chạy trong MongoDB có thể làm lộ dữ liệu nhạy cảm mà không kích hoạt cảnh báo. Làm thế nào để phát hiện rò rỉ bộ nhớ thời gian chạy trong khi vẫn giữ tiếng ồn ở mức tối thiểu? Xem bài viết trên blog của Armosec.io. #cybersecurity #vulnerability #MongoDB #Mongobleed #CVE202514847 #bảo_mật #lỗ_hổng #phát_hiện_rò_rỉ_bộ_nhớ
https://www.reddit.com/r/SaaS/comments/1q1y7w5/runtime_memory_vulnerabilities_in_mongodb/
-
Mongobleed (CVE-2025-14847): Lỗ hổng lộ lọt bộ nhớ thời gian chạy trong MongoDB có thể làm lộ dữ liệu nhạy cảm mà không kích hoạt cảnh báo. Làm thế nào để phát hiện rò rỉ bộ nhớ thời gian chạy trong khi vẫn giữ tiếng ồn ở mức tối thiểu? Xem bài viết trên blog của Armosec.io. #cybersecurity #vulnerability #MongoDB #Mongobleed #CVE202514847 #bảo_mật #lỗ_hổng #phát_hiện_rò_rỉ_bộ_nhớ
https://www.reddit.com/r/SaaS/comments/1q1y7w5/runtime_memory_vulnerabilities_in_mongodb/
-
Weltweit ca. 90k verwundbare #MongoDB-Instanzen
#MongoBleed: Mehr als 11.500 verwundbare MongoDB-Instanzen in Deutschland | Security https://www.heise.de/news/MongoBleed-Mehr-als-11-500-verwundbare-MongoDB-Instanzen-in-Deutschland-11126702.html #Patchday #exploit #zlib #NoSQL
-
Weltweit ca. 90k verwundbare #MongoDB-Instanzen
#MongoBleed: Mehr als 11.500 verwundbare MongoDB-Instanzen in Deutschland | Security https://www.heise.de/news/MongoBleed-Mehr-als-11-500-verwundbare-MongoDB-Instanzen-in-Deutschland-11126702.html #Patchday #exploit #zlib #NoSQL
-
Weltweit ca. 90k verwundbare #MongoDB-Instanzen
#MongoBleed: Mehr als 11.500 verwundbare MongoDB-Instanzen in Deutschland | Security https://www.heise.de/news/MongoBleed-Mehr-als-11-500-verwundbare-MongoDB-Instanzen-in-Deutschland-11126702.html #Patchday #exploit #zlib #NoSQL
-
Weltweit ca. 90k verwundbare #MongoDB-Instanzen
#MongoBleed: Mehr als 11.500 verwundbare MongoDB-Instanzen in Deutschland | Security https://www.heise.de/news/MongoBleed-Mehr-als-11-500-verwundbare-MongoDB-Instanzen-in-Deutschland-11126702.html #Patchday #exploit #zlib #NoSQL
-
„#MongoBleed“: #Exploit für kritische Lücke in #MongoDB erleichtert Angriffe | heise online https://www.heise.de/news/MongoBleed-Exploit-fuer-kritische-Luecke-in-MongoDB-erleichtert-Angriffe-11125112.html #Patchday #zlib #NoSQL
-
„#MongoBleed“: #Exploit für kritische Lücke in #MongoDB erleichtert Angriffe | heise online https://www.heise.de/news/MongoBleed-Exploit-fuer-kritische-Luecke-in-MongoDB-erleichtert-Angriffe-11125112.html #Patchday #zlib #NoSQL
-
„#MongoBleed“: #Exploit für kritische Lücke in #MongoDB erleichtert Angriffe | heise online https://www.heise.de/news/MongoBleed-Exploit-fuer-kritische-Luecke-in-MongoDB-erleichtert-Angriffe-11125112.html #Patchday #zlib #NoSQL
-
„#MongoBleed“: #Exploit für kritische Lücke in #MongoDB erleichtert Angriffe | heise online https://www.heise.de/news/MongoBleed-Exploit-fuer-kritische-Luecke-in-MongoDB-erleichtert-Angriffe-11125112.html #Patchday #zlib #NoSQL
-
Hunting MongoBleed (CVE-2025-14847): https://blog.ecapuano.com/p/hunting-mongobleed-cve-2025-14847
-
Hunting MongoBleed (CVE-2025-14847): https://blog.ecapuano.com/p/hunting-mongobleed-cve-2025-14847
-
🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.
Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.
Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.
Deets and detection here: 👉 https://pentest-tools.com/vulnerabilities-exploits/mongodb-server-information-disclosure-mongobleed_28455
-
🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.
Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.
Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.
Deets and detection here: 👉 https://pentest-tools.com/vulnerabilities-exploits/mongodb-server-information-disclosure-mongobleed_28455
-
🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.
Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.
Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.
Deets and detection here: 👉 https://pentest-tools.com/vulnerabilities-exploits/mongodb-server-information-disclosure-mongobleed_28455
-
🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.
Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.
Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.
Deets and detection here: 👉 https://pentest-tools.com/vulnerabilities-exploits/mongodb-server-information-disclosure-mongobleed_28455
-
🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.
Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.
Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.
Deets and detection here: 👉 https://pentest-tools.com/vulnerabilities-exploits/mongodb-server-information-disclosure-mongobleed_28455
-
MongoDB have a blog out about #MongoBleed
Notably:
- Internal find at MongoDB
- they notified customers of the issue and patch availability on December 23rd
- A security vendor published technical details on December 24th, Christmas Eve
- Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day
That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.
-
MongoDB have a blog out about #MongoBleed
Notably:
- Internal find at MongoDB
- they notified customers of the issue and patch availability on December 23rd
- A security vendor published technical details on December 24th, Christmas Eve
- Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day
That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.
-
MongoDB have a blog out about #MongoBleed
Notably:
- Internal find at MongoDB
- they notified customers of the issue and patch availability on December 23rd
- A security vendor published technical details on December 24th, Christmas Eve
- Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day
That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.
-
MongoDB have a blog out about #MongoBleed
Notably:
- Internal find at MongoDB
- they notified customers of the issue and patch availability on December 23rd
- A security vendor published technical details on December 24th, Christmas Eve
- Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day
That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.
-
MongoDB have a blog out about #MongoBleed
Notably:
- Internal find at MongoDB
- they notified customers of the issue and patch availability on December 23rd
- A security vendor published technical details on December 24th, Christmas Eve
- Somebody at Elastic, a direct competitor, published an exploit with full secret extraction feature on December 25th, Christmas Day
That was an impossible situation for orgs - the security industry poured fire on them and set their own customers on fire.
-
Une faille de sécurité importante concerne presque toutes les versions de MongoDB. Tous les serveurs que nous infogérons ont été patchés (même si évidemment le port MongoDB était restreint). #MongoBleed
Plus de détails sur https://next.ink/216574/mongobleed-une-tres-vilaine-faille-mongodb-laisse-fuiter-des-donnees-sensibles/ -
Une faille de sécurité importante concerne presque toutes les versions de MongoDB. Tous les serveurs que nous infogérons ont été patchés (même si évidemment le port MongoDB était restreint). #MongoBleed
Plus de détails sur https://next.ink/216574/mongobleed-une-tres-vilaine-faille-mongodb-laisse-fuiter-des-donnees-sensibles/ -
Une faille de sécurité importante concerne presque toutes les versions de MongoDB. Tous les serveurs que nous infogérons ont été patchés (même si évidemment le port MongoDB était restreint). #MongoBleed
Plus de détails sur https://next.ink/216574/mongobleed-une-tres-vilaine-faille-mongodb-laisse-fuiter-des-donnees-sensibles/ -
Ubisoft shuts down Rainbow Six Siege after the new #MongoBleed exploit hit players, causing account disruption and forcing rollback of in‑game transactions.
Read: https://hackread.com/mongodb-exploit-ubisoft-rainbow-six-siege-players/
#Cybersecurity #Vulnerability #Gaming #RainbowSixSiege #Ubisoft
-
Ubisoft shuts down Rainbow Six Siege after the new #MongoBleed exploit hit players, causing account disruption and forcing rollback of in‑game transactions.
Read: https://hackread.com/mongodb-exploit-ubisoft-rainbow-six-siege-players/
#Cybersecurity #Vulnerability #Gaming #RainbowSixSiege #Ubisoft
-
Ubisoft shuts down Rainbow Six Siege after the new #MongoBleed exploit hit players, causing account disruption and forcing rollback of in‑game transactions.
Read: https://hackread.com/mongodb-exploit-ubisoft-rainbow-six-siege-players/
#Cybersecurity #Vulnerability #Gaming #RainbowSixSiege #Ubisoft
-
Ubisoft shuts down Rainbow Six Siege after the new #MongoBleed exploit hit players, causing account disruption and forcing rollback of in‑game transactions.
Read: https://hackread.com/mongodb-exploit-ubisoft-rainbow-six-siege-players/
#Cybersecurity #Vulnerability #Gaming #RainbowSixSiege #Ubisoft
-
Ubisoft shuts down Rainbow Six Siege after the new #MongoBleed exploit hit players, causing account disruption and forcing rollback of in‑game transactions.
Read: https://hackread.com/mongodb-exploit-ubisoft-rainbow-six-siege-players/
#Cybersecurity #Vulnerability #Gaming #RainbowSixSiege #Ubisoft
-
Critical MongoDB Uninitialized Memory Disclosure Vulnerability [CVE-2025-14847] #MongoBleed
From Censys scanning, we're seeing around 87,000 possibly vulnerable hosts