Duncan Riley
Latest from Duncan Riley
US and Australian agencies warn MongoBleed vulnerability in MongoDB is under active exploitation
Cybersecurity authorities in the U.S. and Australia are warning that a critical vulnerability in MongoDB and MongoDB Server is being actively exploited in the wild and represents a threat for organizations that run exposed database infrastructure. The vulnerability, tracked as CVE-2025-14847 and dubbed “MongoBleed,” is described by the U.S. Cybersecurity & Infrastructure Agency as an ...
OpenAI hiring senior preparedness lead as AI safety scrutiny grows
OpenAI Group PBC is looking to hire a head of preparedness, a senior safety role tasked with anticipating potential harms from the company’s artificial intelligence models and guiding how those risks are mitigated as capabilities advance. According to a job listing published on OpenAI’s careers site, the role will lead the technical strategy and execution ...
Ubisoft takes ‘Rainbow Six Siege’ offline after breach floods player accounts with billions of credits
Video game publisher Ubisoft Entertainment SA has been forced to take its popular multiplayer game “Tom Clancy’s Rainbow Six Siege” offline following a breach that manipulated core gameplay systems and injected massive amounts of value into player accounts. Players logging into the game on Dec. 27 were greeted by billions of additional game credits. According to ...
Texas developer pitches recycled Navy nuclear reactors as power source for AI infrastructure
A Texas power developer is proposing to use repurposed retired U.S. Navy nuclear reactors from aircraft carriers and submarines to supply continuous power to large-scale artificial intelligence data centers. The proposal comes from HGP Intelligent Energy LLC, which, according to filings with the U.S. Department of Energy, is asking for a loan guarantee under the ...
Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk
A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability in langchain-core, the foundational library behind LangChain-based agents used widely in artificial intelligence production environments. The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3. The vulnerability can allow attackers to ...
Researchers say Eurostar accused them of blackmail over AI chatbot flaw disclosure
Eurostar International Ltd., the operator of the Eurostar trains that cross the English Channel, has been accused of mishandling the responsible disclosure of security flaws in its customer-facing artificial intelligence chatbot after security researchers were allegedly told their actions could be viewed as blackmail. The allegation comes from U.K. security firm Pen Test Partners LLP, ...
Aflac breach exposes personal and health data of more than 22M people
Insurance company Aflac Inc. has disclosed that a cyberattack that targeted the company in June resulted in the theft of records relating to 22.65 million individuals, making it one of the largest data breaches reported this year in the U.S. insurance sector. The company first detected unauthorized access to portions of its U.S. network on ...
DDoS attack knocks France’s postal service La Poste offline during holiday peak
France’s national postal service, La Poste, and its banking arm, La Banque Postale, were knocked offline on Monday in a distributed denial-of-service attack that disrupted services at the height of the Christmas season. The attack rendered La Poste’s online services, including its website, mobile applications, mail tracking and the Digiposte digital vault, unavailable across France. ...
Lemon Slice launches with $10.5M seed round to scale real-time interactive AI avatars
Frontier artificial intelligence research and product startup Lemon Slice launched today and announced that it had raised $10.5 million in funding. The money will be used to scale up its real-time interactive avatar technology and drive broader commercial adoption of its application programming interface and embedded avatar products. Founded in 2024 and a graduate of ...
Shai Hulud malware turns developers into unwitting distributors in NPM supply chain attacks
A new report out today from managed detection and response company Expel Inc. details a newly identified variant of the Shai Hulud malware that is demonstrating how software supply chain attacks are evolving beyond isolated package compromises into self-propagating campaigns that turn developers themselves into distribution points. Shai Hulud is a malware campaign first observed in ...









