Bleeping Computer

MongoDB warns admins to patch severe vulnerability immediately

Update 12/26/25: Article updated to correct that the flaw has not been officially classified as an RCE. MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that ...
Bleeping Computer

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later.