Summary
Attackers are actively exploiting CVE-2025-14847 vulnerability in MongoDB dubbed MongoBleed to steal credentials. Over 75,000 internet-exposed databases are reported in security scans.
Take Action:
Make sure all database servers are isolated from the internet and accessible from trusted networks only. Then patch ASAP! If you can't update your MongoDB instance immediately, disable zlib compression.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)