Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited ...
CSO Online

Webrat turns GitHub PoCs into a malware trap

The known RAT aimed at gamers is now targeting security professionals searching GitHub for PoCs and exploit codes.

Dangerous WebRAT malware now being spread by GitHub repositories

Cybersecurity researchers Kaspersky said they found 15 malicious repositories hosted on GitHub. These repositories, ...
Security Boulevard

Best of 2025: Inside the Minds of Cybercriminals: A Deep Dive into Black Basta’s Leaked Chats

The leaked internal chat communications of the Black Basta ransomware group offer an unprecedented view into how cybercriminals operate, plan attacks, and ...
GitHub

Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

See openssh.patch for a simple patch to openssh that logs any connection attempt with a public key N matching the backdoor format. The backdoor uses a hardcoded ED448 public key for signature ...
The Hacker News

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high ...
GitHub

CVE-2024-4577 PoC Exploit

This repository contains a proof-of-concept (PoC) exploit for CVE-2024-4577, a critical vulnerability affecting all versions of PHP running on Windows. The vulnerability allows attackers to execute ...