Aniket Chavan

MongoBleed (CVE-2025-14847) is basically Heartbleed for MongoDB - unauthenticated memory disclosure - public POC, trivial to exploit - leaks creds, tokens, cloud keys straight from RAM - huge exposed surface on the internet Good writeups and technical details here: https://t.co/LgK4RABmJu https://t.co/DWtByJQ3au https://t.co/LUwfnF6uXG Patch fast, rotate secrets, and assume exposed instances were scanned(!)

🚨 MongoBleed (CVE-2025-14847) MongoDB w/ zlib enabled (default) may leak uninitialized heap memory to unauthenticated attackers, risking credentials & tokens. 📌 Censys sees 87K+ potentially vulnerable instances. ✅ Patch: 8.2.3+, 8.0.17+, 7.0.28+, 6.0.27+, 5.0.32+, 4.4.30+ 🔗 https://t.co/VsTKBoiKNp #MongoDB #CVE202514847

🚨 Hackers Using PuTTY for Both Lateral Movement and Data Exfiltration Source: https://t.co/QshoFLyF5J Hackers are increasingly abusing the popular PuTTY SSH client for stealthy lateral movement and data exfiltration in compromised networks, leaving subtle forensic traces that investigators can exploit. Threat actors favor PuTTY, a legitimate tool for secure remote access, due to its “living off the land” nature, blending malicious activity with normal admin tasks. Attackers execute PuTTY binaries like plink.exe or pscp.exe to hop between systems via SSH tunnels and siphon sensitive files without deploying custom malware. #cybersecuritynews

🛑 WARNING: CVE-2025-20393 is rated 10.0, with no patch available. Cisco confirmed active exploitation of an AsyncOS zero-day by a China-linked APT. The flaw allows root-level command execution on affected email security appliances and enables attackers to establish persistence. 🔗 Details and mitigations → https://t.co/vHajVFkm5T

Additional Insight from “Scattered LAPSUS$ Hunters” Telegram Posts 1. New Claimed Breach – Banco Santander •Asking Price: 30 BTC (~USD 1.7M) •Alleged Data: •30M customer records •6M account numbers with balances •28M credit card numbers •HR employee lists •Consumer citizenship data •Affected Countries: Spain, Chile, Uruguay ⸻ 2. Claimed https://t.co/tzKVAOXoFs Compromise •Offer to drop shell access to https://t.co/dzMCHtxngZ if the post hits 50 reactions in the chat. •Designed as a public stunt to show capability. ⸻ 3. Group’s Ransom Stance •Non-paying targets are exposed. •Claims many don’t pay because of law enforcement pressure. •Accuses agencies of preferring large fines/lawsuits over victim payments to hackers. •Typical demands: $500K–$5M, positioned as “reasonable” compared to other actors. •Asserts they “honor agreements” with compliant entities. In another post, member shows off a Rolex, iPad Pro & Pandora haul — claiming it was bought with ransom $ from AT&T.

New Telegram group “Scattered LAPSUS$ Hunters” emerges Claims hits on: Gucci, Chanel, Neiman Marcus, Victoria’s Secret, Coca-Cola Europacific, 🇺🇸 DHS, 🇬🇧 NCA & Ministry of Justice, 🇧🇷, 🇮🇳, 🇫🇷 govs & Iran’s IRGC intel DB. Mix of leaks, threats & trolling. Corporate Targets Gucci – Customer data sample (~100 entries) Chanel – Breach tied to Salesforce campaign Neiman Marcus – Database for sale (1 BTC) Victoria’s Secret – Claimed upcoming large data dump Coca-Cola Europacific Partners – Vendor contact database (Salesforce-derived) Government / Law Enforcement Targets United States Department of Homeland Security (DHS) – Threats issued UK National Crime Agency (NCA) – Threats issued UK Ministry of Justice – Threat to leak GitHub repos & Legal Aid Agency DB if member not released Government of Brazil – Claimed compromise Government of England – Threats issued Government of France – Threats issued Government of India – Threats issued Iran IRGC (Islamic Revolutionary Guard Corps) Intelligence Agency – Claimed database access / threat

🚨 New Group claiming to linked to “Scattered Spider” emerges on Telegram Blending Scattered Spider, LAPSUS$ & ShinyHunters chaos — leaks hit Gucci, Chanel, Neiman Marcus, Coca-Cola Europacific & govs of 🇺🇸🇬🇧🇧🇷🇮🇳. Data ranges from vendor lists to breach samples, mixed w/ threats & trolling. We would be soon publishing a detailed blog analysing the real time chats.