exploited

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs

AndyC 1 January 2026

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs Pierluigi Paganini December 31, 2025 MongoBleed...

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog

AndyC 31 December 2025

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 30, 2025 U.S....

Threat Actors Exploiting Critical ‘MongoBleed’ MongoDB Flaw

MongoBleed flaw actively exploited in attacks in the wild

AndyC 30 December 2025

MongoBleed flaw actively exploited in attacks in the wild Pierluigi Paganini December 29, 2025 A recently disclosed MongoDB flaw (MongoBleed)...

Security Blogs

Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited

AndyC 26 December 2025

Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited Pierluigi Paganini December 25, 2025 Fortinet reported active exploitation of a five-year-old...

10 Android tips you shouldn’t miss from 2025

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

AndyC 24 December 2025

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 23, 2025...

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

AndyC 21 December 2025

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 20, 2025...

Chinese Hackers Exploited a Zero-Day in Cisco Email Security Systems

AndyC 19 December 2025

Cisco disclosed that a China-linked hacking group exploited a previously unknown vulnerability in its email security products, allowing attackers...

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

AndyC 19 December 2025

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 18, 2025 U.S....

SonicWall warns of actively exploited flaw in SMA 100 AMC

AndyC 18 December 2025

SonicWall warns of actively exploited flaw in SMA 100 AMC Pierluigi Paganini December 17, 2025 SonicWall warned users to patch...

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

AndyC 18 December 2025

A zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 was reportedly exploited in the wild in a chained...

When Zero-Days Go Active: What Ongoing Windows, Chrome, and Apple Exploits Reveal About Modern Intrusion Risk

AndyC 18 December 2025

A series of actively exploited zero-day vulnerabilities affecting Windows, Google Chrome, and Apple platforms was disclosed in mid-December, according...

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

AndyC 18 December 2025

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 17, 2025...

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

AndyC 17 December 2025

The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor,...

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

AndyC 16 December 2025

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 15,...

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

AndyC 11 December 2025

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 10, 2025 U.S....

exploited

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog

MongoBleed flaw actively exploited in attacks in the wild

Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

SonicWall warns of actively exploited flaw in SMA 100 AMC

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

When Zero-Days Go Active: What Ongoing Windows, Chrome, and Apple Exploits Reveal About Modern Intrusion Risk

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

This month in security with Tony Anscombe – December 2025 edition

A brush with online fraud: What are brushing scams and how do I stay safe?

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET Threat Report H2 2025

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Donate Bitcoin to this address

Donate Ethereum to this address

How AutoSecT Helps Security Teams Handle 1000+ Endpoints Effortlessly?

Post-Quantum Identity and Access Management for AI Agents

Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen

React2Shell under attack: RondoDox Botnet spreads miners and malware

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed