Dark Reading

Critical 'MongoBleed' Bug Under Attack, Patch Now

The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.
The Register on MSN

An early end to the holidays: 'Heartbleed of MongoDB' is now under active exploit

You didn't think you'd get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas week ...