"U.S. and Australian cyber agencies confirmed that hackers are exploiting a vulnerability that emerged over the Christmas holiday and is impacting data storage systems from the company MongoDB. The issue drew concern on December 25 when a prominent researcher published exploit code for CVE-2025-14847 - a vulnerability MongoDB announced on December 15 and patched on December 19."
"The Cybersecurity and Infrastructure Security Agency (CISA) added the bug to its catalog of exploited vulnerabilities on Monday evening and ordered all federal civilian agencies to patch it by January 19. A CISA spokesperson declined to answer further questions about what U.S. agencies are doing to protect those who may be impacted."
U.S. and Australian cyber agencies confirmed active exploitation of a vulnerability affecting MongoDB data storage systems that surfaced over the Christmas holiday. A prominent researcher published exploit code for CVE-2025-14847 on December 25; MongoDB originally announced the vulnerability on December 15 and released a patch on December 19. The Cybersecurity and Infrastructure Security Agency (CISA) added the bug to its catalog of exploited vulnerabilities and ordered all federal civilian agencies to patch by January 19. A CISA spokesperson declined to provide further details about measures being taken to protect potentially impacted systems.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]