All Posts

CVE-2025-14847 "MongoBleed” MongoDB Unauthenticated Memory Disclosure Vulnerability Classification: Threat Advisory Threat Level:  High/Advisory Date Issued:  29 December 2025 Distribution:  To: Security Operations Centers (SOC), Database Administrators (DBA), System Owners Executive Summary CVE-2025-14847, publicly disclosed and colloquially named "MongoBleed,"  is a critical, unauthenticated memory disclosure vulnerability affecting MongoDB Server across multiple versions.

Critical Zero-Day Exploited in Cisco Secure Email Appliances (CVE‑2025‑20393)  DTG Threat Intelligence is tracking active exploitation of CVE-2025-20393, a critical zero‑day vulnerability (CVSS 10.0) impacting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances running AsyncOS. The flaw allows unauthenticated remote attackers to execute arbitrary commands with root privileges, resulting in complete system compromise.  Analysis links attacks to China‑b

This report was developed by the DTG Threat Management Team, with analysis contributions from Darrel Inness and Alex Waintraub. Discovery and Disclosure On December 3, 2025, the React team disclosed CVE-2025-55182, a maximum‑severity (CVSS 10.0) remote code execution vulnerability in React Server Components, now widely referred to as “ React2Shell .” The flaw enables unauthenticated attackers to trigger server‑side code execution with a single crafted HTTP request against com

DTG Threat Intelligence Brief | December 5, 2025 | Alex Waintraub & Chris Goodfellow On December 3, 2025, the software development ecosystem was rocked by the disclosure of CVE-2025-55182, a critical (CVSS 10.0) unauthenticated remote code execution (RCE) vulnerability in React Server Components, now known as “React2Shell.” Discovered by researcher Lachlan Davidson, the flaw allows attackers to execute code on servers running popular frameworks like Next.js with a single mali

What’s for Lunch?   Cybersecurity Acronym Alphabet Soup! Gartner gives us all these acronyms, and I’m pretty sure somehow they make money...

A Vital Part of Enterprise Cyber Vigilance: The Security Operations Center (SOC) Team These often-unsung heroes are our wizards mastering...

Businesses of all sizes face increasingly sophisticated cyber threats. If your business uses the internet or email, you are at risk....

A Fresh Look, Enhanced Usability, and Richer Content The Distributed Technology Group (DTG) is thrilled to announce the launch of our...

Introducing Your Personal DTG Guide: Our Innovative Website AI Assistant Distributed Technology Group (DTG) is proud to introduce the...