Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

exposed servers

Threat actor compromises about 1,400 exposed MongoDB servers in low-value extortion campaign

Cloud, Cybercrime, News, Vulnerabilities

February 2, 2026

A technical analysis found a threat actor compromised about 1,400 exposed MongoDB servers, leaving ransom notes demanding about 0.005 BTC per victim. Researchers identified roughly 208,500 exposed servers and many running outdated versions.

About
Editorial Policy
Privacy
Contact