Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The end-of-year holiday period is traditionally a time for code freezes and quiet rotations; however, it is also a favored window for opportunistic attackers. Threat actors love the holidays; they know that with development teams out of the office and response times naturally lagging, a small window opens for them to test new exploits without immediate detection. Recently, a security researcher discovered a new, contained variant of Shai-Hulud, dubbed "The Golden Path" (v3.0).

A high-severity vulnerability, CVE-2025-14847, affecting MongoDB Server is being actively exploited in the wild with a Bitsight Dynamic Vulnerability Exploit (DVE) score of 9.71. The flaw, commonly referred to as “MongoBleed,” is an unauthenticated memory-read vulnerability caused by improper handling of zlib-compressed network message headers, which may allow attackers to read uninitialized heap memory remotely.

A critical vulnerability identified as CVE-2025-14847 (dubbed “MongoBleed“) affects MongoDB Server instances, exposing systems to unauthenticated information disclosure. This vulnerability allows a remote attacker to read sensitive data from the server’s memory without requiring authentication.

At One Identity, we’re all about our customers, and we thrive on customer opinions. We’d love for you to share your One Identity Active Roles story by sharing a review on PeerSpot and be seen as a thought leader. It’s as quick as a 10-15-minute online survey or a phone call.

As IT environments grow more complex and adversaries move faster, security and IT teams need a reliable way to enforce configurations, maintain application health, and resolve issues at scale without writing or maintaining custom scripts. CrowdStrike Falcon for IT already gives operators powerful tools to query endpoints, run remediation, and enforce baseline configurations.

If you’re building with LangChain, you’re moving fast. That’s the point. Agents are pulling from tools, chaining prompts, summarizing documents, and responding to users in real time. But there’s a quiet truth many teams discover a little too late: Your agent is probably handling personal data—even if you didn’t design it to. Emails show up in prompts. Names appear in support tickets. Internal notes include phone numbers, IDs, or customer context.

For engineering managers, the pressure to deliver software faster has never been higher. You are constantly balancing the need for velocity with the imperative of stability and quality. While DevOps revolutionized the software development life cycle (SDLC) by breaking down silos between development and operations, it left a critical gap: security. In a landscape where cyberattacks are growing in sophistication and frequency, treating security as an afterthought is no longer a viable strategy.

Securing your Docker containers just got a lot easier. On December 17, Docker announced that their catalog of over 1,000 Docker Hardened Images (DHI)—previously a premium-only feature—is now free and open source. This big change means every developer can now start their Dockerfile with a minimalist, near-zero CVE, SLSA Level 3 compliant foundation.

For more than three decades, cybersecurity innovation and investment have followed a familiar rhythm. Each major wave—network security, endpoint security, identity, cloud, and data—spawned new platform winners and reshaped the M&A landscape. Today, we stand at the threshold of the next foundational shift. The digital and physical worlds have converged to such an extent that machines—not humans—are the primary operators of enterprise networks.

When fraudulent apps pretend to be you, the damage rarely starts in your codebase. It starts in places most security programs don’t watch closely enough: app stores, third-party marketplaces, and alternate distribution channels. Every well-known app eventually gets cloned. Sometimes it looks harmless. Most times, it isn’t. A publisher in a regional marketplace copies your icon and description. A third-party store mirrors your listing but swaps the developer name.