Dark Reading

Critical 'MongoBleed' Bug Under Attack, Patch Now

Attackers are actively exploiting a critical vulnerability in MongoDB to steal sensitive information directly from an affected server's memory. The attacks appear to have started on Dec. 29, barely ...
Bleeping Computer

CISA orders feds to patch MongoBleed flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to secure their systems against a high-severity MongoDB flaw that is actively being exploited in attacks.