Mongo vulnerability sees rapid exploitation.

Attackers began exploiting a newly disclosed MongoDB flaw soon after technical details and proof‑of‑concept code were published. The bug, dubbed MongoBleed, stems from faulty Zlib message handling that can leak uninitialized memory and expose sensitive data before authentication occurs. Security researchers say the issue can reveal everything from session tokens to entire databases, putting tens of thousands of internet‑facing servers at risk. MongoDB has issued patches, and experts urge administrators to check logs for compromise before updating or disabling Zlib compression.

Read more:

https://www.securityweek.com/fresh-mongodb-vulnerability-exploited-in-attacks/