MongoDB Vulnerability CVE‑2025‑14847 Under Active Exploitation Worldwide
A critical flaw in MongoDB’s network message decompression code, CVE‑2025‑14847 (dubbed “MongoBleed”), is being actively exploited to leak sensitive memory from vulnerable servers. Researchers report over 87,000 potentially exposed instances globally, and crafted compressed messages can extract session tokens, passwords, and API keys without authentication.
Hacker Leaks 2.3M Wired.com Records, Claims 40M‑User Condé Nast Breach
An individual using the alias “Lovely” posted what they say are 2.3 million Wired.com user records and claimed a broader 40 million‑user breach linked to Condé Nast properties on a new forum called Breach Stars. The leaked dataset reportedly includes personal information that could be repurposed for fraud or secondary attacks, though full verification of the claimed breach scope is pending.
Cyber Attacks ‘Tipping Point’ Warning Issued After Harrods and M&S Targeted
British businesses, including Jaguar Land Rover, Marks & Spencer, and Harrods, were highlighted as high‑profile targets in a 2025 surge of cyber attacks, prompting UK financial authorities to warn of broader economic risks. Officials emphasize collaboration and stronger defenses as cyber threats continue affecting major commercial sectors.
Windows LPE Vulnerabilities via Kernel Drivers and Named Pipes Allows Privilege Escalation
New research draws attention to privilege escalation weaknesses in Windows systems via kernel drivers and named pipes, where insufficient input validation can allow attackers to elevate privileges from standard users to SYSTEM. These vectors remain a focus for adversaries seeking local escalation paths, underscoring the need for rigorous patching and driver hardening.
CISOs Are Managing Risk in Survival Mode
An industry analysis details how chief information security officers are coping with expanding responsibilities, rising budgets, and evolving threat landscapes as AI adoption and executive expectations increase pressure on security leadership. The piece frames the current environment as one of heightened operational risk, reinforcing the importance of strategic risk management amid emerging threats.
