The Hacker News

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ vulnerable servers worldwide.

CISA reveals warning on Asus software flaw, here's what you need to do to stay safe

Usually, when CISA adds flaws to KEV, it means that Federal Civilian Executive Branch agencies have a three-week deadline to patch up or stop using the products entirely. For the ASUS flaw, agencies ...
Bleeping Computer

Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws

Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday also addresses four ...
Bleeping Computer

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. This Patch Tuesday also addresses eight "Critical" ...
PC World

Microsoft fixes critical Office zero-day security flaw. Update ASAP!

PCWorld reports that Microsoft released critical security updates fixing 15 Office vulnerabilities, including 14 remote code execution flaws affecting Excel, Word, Outlook, and Access. One zero-day ...