RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Cybernews

As MongoBleed exploitation escalates, 95% of systems remain unpatched

Hackers are actively exploiting the MongoBleed vulnerability to dump memory, while an estimated 95% of exposed MongoDB ...
The Shib Daily

Shiba Inu Unveils Tokenized Debt Framework to Compensate Hack Victims

Crypto debt is now liquid. The "Shib Owes You" by Shiba Inu, converts victim claims into tradable Ethereum NFTs. Read how SOU ...
Cybernews

Christmas gift: method to exploit MongoBleed vulnerability leaking MongoDB secrets showcased on web

Weirdly, a public exploit and technical details are available online, showing how attackers can trigger the vulnerability and remotely extract secrets, credentials, and other sensitive data.

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited ...

China exploits US-funded research on nuclear technology, a congressional report says

A congressional report says China is exploiting partnerships with U.S. researchers to provide the Chinese military with access to sensitive nuclear technology and other innovations with economic ...
WinBuzzer

UK Demands Apple and Google Implement OS-Level Nudity Blocking and Age Verification

The UK Home Office has demanded Apple and Google implement default OS-level nudity blocking and biometric age verification on all devices.
Variety

Disney Accuses Google of Using AI to Engage in Copyright Infringement on ‘Massive Scale’

As Disney has gone into business with OpenAI, the Mouse House is accusing Google of copyright infringement on a “massive scale” using AI models and services to “commercially exploit and distribute” ...
Forbes

‘Zero‑Click Google Drive Wiper’ Exploit Mass‑Deletes Files

A polite email asking an AI browser to “organize your Drive” can silently wipe your files. No phishing link or suspicious attachment required. Just a friendly request that turns an automated assistant ...
PC Gamer

Google's toying with nonsense AI-made headlines on articles like ours in the Discover feed, so please don't blame me for clickbait like 'BG3 players exploit children'

RPG Baldur's Gate 3 developer Larian defends itself as fans react to generative AI use: 'I'm not entirely sure we are the ideal target for the level of scorn' AI Swen Vincke promises an AMA to clear ...
Lifehacker

Google's December Security Update Fixes Two Zero-Day Exploits (and 105 Others)

In its Android Security Bulletin for December, Google is pushing an especially large number of updates to address vulnerabilities across different components—and two of the flaws may have been ...
winbuzzer.com

Google Issues Emergency Chrome Update to Patch Active Zero-Day Exploit

With active attacks already underway, Google has issued an emergency security update for Chrome to patch a critical zero-day vulnerability in its V8 JavaScript engine. The high-severity flaw, tracked ...