CISA Orders Emergency Patch for Actively Exploited 'MongoBleed' Flaw as Insider Threats and Supply Chain Attacks Rattle Industries
Summary
This cybersecurity brief for December 30, 2025, covers a series of critical incidents. The most prominent is the active exploitation of 'MongoBleed' (CVE-2025-14847), a severe memory leak vulnerability in MongoDB, which prompted an emergency directive from CISA. Other major events include the disclosure of a 10.0 CVSS RCE flaw in SmarterMail (CVE-2025-52691), the guilty pleas of two cybersecurity insiders who deployed ALPHV/BlackCat ransomware, and a massive data breach at the University of Phoenix affecting nearly 3.5 million individuals due to a Clop ransomware attack exploiting an Oracle zero-day. These events highlight escalating threats from unpatched vulnerabilities, insider risks, and sophisticated ransomware operations.
Today's New Articles
Maximum Severity RCE Flaw in SmarterMail Puts Mail Servers at Risk
A critical, unauthenticated arbitrary file upload vulnerability in SmarterMail, tracked as CVE-2025-52691, has been disclosed, earning the maximum possible CVSS score of 10.0. The flaw allows a remote attacker to upload malicious files, such as a web shell, to...
Insider Threat: Cybersecurity Pros Plead Guilty to ALPHV/BlackCat Ransomware Attacks
In a significant insider threat case, two American cybersecurity professionals, Ryan Goldberg and Kevin Martin, have pleaded guilty to conspiracy to commit extortion. The pair admitted to using their expert knowledge and access gained from their roles in incid...
Rainbow Six Siege Hacked: Attackers Flood Game with $13M in Currency, Disrupting Economy
Over the weekend of December 27-28, 2025, Ubisoft's popular online shooter, Rainbow Six Siege, was hit by a major security breach. Attackers infiltrated the game's backend systems, distributing approximately 2 billion 'R6 Credits'—the game's premium currency,...
Fallout from 2022 LastPass Breach Continues: Over $35M in Crypto Stolen
The 2022 data breach at password manager LastPass is continuing to enable widespread financial theft, with researchers tracing over $35 million in stolen cryptocurrency to the incident. A report by blockchain intelligence firm TRM Labs reveals that threat acto...
Hacker Leaks 2.3M WIRED Subscriber Records, Threatens 40M More from Condé Nast
A threat actor named 'Lovely' has leaked a database containing over 2.3 million records of WIRED magazine subscribers on a hacking forum. The leaked data includes email addresses, internal IDs, and in some cases, full names, phone numbers, and physical address...
Article Updates
Cl0p Implicated in Oracle Zero-Day Attacks, Breaching UPenn and University of Phoenix
Update: The University of Phoenix has confirmed its data breach, previously reported as affecting an unspecified large number, now impacts 3,489,274 individuals. The attack, attributed to the Clop gang, exploited CVE-2025-61882 in Oracle E-Business Suite between Augus...
Hyperjacking: Ransomware Attacks on Hypervisors Skyrocket by 700%
Update: The RansomHouse group (Jolly Scorpius) has upgraded its capabilities, deploying a new ransomware variant named 'Mario' with a sophisticated dual-key encryption scheme. This makes data recovery significantly harder without paying the ransom. RansomHouse continu...