ESA disclosed a data breach, hackers breached external servers
ESA confirmed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised.
Singapore CSA warns of maximun severity SmarterMail RCE flaw
Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload.
MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs
MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication.
Coupang announces $1.17B compensation plan for 33.7M data breach victims
Coupang will spend about $1.17B to compensate 33.7 million users affected by a data breach, providing purchase vouchers to those impacted.
Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver
China-linked APT Mustang Panda used a signed kernel-mode rootkit driver to load shellcode and deploy its ToneShell backdoor.
Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems
A Lithuanian national was arrested for allegedly spreading KMSAuto malware that stole clipboard data and infected 2.8 million systems
U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a MongoDB Server flaw to its Known Exploited Vulnerabilities catalog.
Romania’s Oltenia Energy Complex suffers major ransomware attack
A ransomware attack hit Romania’s Oltenia Energy Complex on December 26, knocking out IT systems at the country’s largest coal power producer
Korean Air discloses data breach after the hack of its catering and duty-free supplier
Korean Air employee discloses a data breach after a hack of its catering and duty-free supplier, KC&D, affecting thousands of staff.
MongoBleed flaw actively exploited in attacks in the wild
A recently disclosed MongoDB flaw is under active exploitation, with over 87,000 potentially vulnerable instances exposed worldwide.
securityaffairs