Critical Flaws "MongoBleed" and "React2Shell" Actively Exploited, Major Data Breaches and Ransomware Attacks Continue Year-End Surge

Publication Date: December 28, 2025

Summary

This cybersecurity advisory for December 28, 2025, covers a series of critical threats, including the active exploitation of the "MongoBleed" (CVE-2025-14847) memory leak in MongoDB and the "React2Shell" (CVE-2025-55182) RCE vulnerability in the React framework. The period also saw major data breach disclosures from 700Credit and Baker University, affecting millions. Ransomware activity remains high, with attacks on Romanian critical infrastructure by "The Gentlemen" and a claimed breach of Chrysler by the Everest group. State-sponsored activity also features prominently with updated advisories on the BRICKSTORM backdoor and the re-emergence of Iran's "Prince of Persia" APT.

Today's New Articles

Everest Ransomware Claims Breach of Chrysler, Threatens to Leak Over 1TB of Data

The Everest ransomware group has claimed responsibility for a significant data breach at the American automaker Chrysler. In a post on its dark web leak site on December 25, 2025, the group alleged it exfiltrated over 1 terabyte (TB) of data, including a "full...


Living Off the Cloud: Phishing Campaign Abuses Google Cloud Service to Bypass Security Filters

A widespread and sophisticated phishing campaign is abusing Google Cloud's own Application Integration service to send malicious emails that appear to come from a legitimate Google address ("noreply-application-integration@google.com"). This technique allows t...


Iran's "Prince of Persia" APT Returns with Upgraded Malware, Uses Telegram for C2

The Iranian state-sponsored threat group "Prince of Persia" has resurfaced with multiple active malware campaigns, according to a new report from SafeBreach. The APT group is deploying new variants of its signature "Tonnerre" and "Foudre" backdoors. In a signi...


"Aisuru" Botnet Shatters Records with 29.7 Tbps DDoS Attack

A powerful botnet-for-hire service named "Aisuru" has emerged as a major global threat, responsible for a new record-breaking Distributed Denial-of-Service (DDoS) attack peaking at 29.7 Terabits per second (Tbps). The botnet, which leverages millions of compro...

Article Updates

Baker University Discloses Year-Old Breach Affecting Over 53,000 Individuals

Update: The update provides a refined technical analysis of the Baker University breach, inferring different attacker TTPs including initial access via phishing (T1566.001), establishing persistence (T1136), network discovery (T1018), and data collection (T1074). It a...