Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

foresiet

MongoBleed (CVE-2025-14847): How to Fix the Critical MongoDB Memory Leak

Dec 31, 2025 By foresiet In Foresiet
CVE-2025-14847, nicknamed MongoBleed, is a high-severity (CVSS 7.5–8.7) unauthenticated information disclosure vulnerability in MongoDB Server. It allows remote attackers to leak uninitialized heap memory containing sensitive data—such as credentials, API keys, session tokens, and PII—without authentication. Exploitation occurs pre-authentication via malformed zlib-compressed network packets on port 27017.
Read Post
appknox

Brand Abuse in App Stores: Why Fake Apps Keep Winning & What Security Teams Miss

Dec 31, 2025 By Rucha Wele In Appknox
Brand abuse in app stores is no longer opportunistic. It has become repeatable, scalable, and persistent. Attackers do not publish one fake app and disappear. They operate in cycles. A fake app is uploaded, value is extracted, a takedown occurs, and a near-identical version reappears under a new developer identity. This loop runs continuously across regions, marketplaces, and distribution channels. For security teams, this changes the mandate.
Read Post
appknox

How modified APKs disguise themselves as your app across third-party stores

Dec 31, 2025 By Rucha Wele In Appknox
Attackers don’t need to breach your infrastructure to harm your users. They don’t need source code access, credentials, or backend vulnerabilities. They just need your public APK. Once your app is publicly available, attackers can download it, decompile it, inject malicious code, repackage it, and redistribute it through third-party app stores and unofficial marketplaces.
Read Post
appknox

Your app store listings are changing without you noticing. Here's why it matters.

Dec 31, 2025 By Rucha Wele In Appknox
Most teams treat an app release as the finish line. The build clears CI/CD checks. Security scans pass. The app ships. Celebrations follow. But for mobile apps, the real exposure often begins after release, inside app stores, where metadata lives a completely different lifecycle from your code. App store listings are not static assets. They evolve constantly: What your team approved on day one may look very different to users on day ten.
Read Post
jfrog

Why Enterprise and Fortune 500 Companies are Leaving Snyk and Checkmarx for JFrog

Dec 31, 2025 By The JFrog Product Marketing Team In JFrog
Effectively protecting your software supply chain has reached a critical turning point where the traditional strategy of patching together “best of breed” or point AppSec solutions is no longer sustainable.
Read Post
egnyte

December Release Rollup: Model Selector, Splunk Integration, and More

Dec 31, 2025 By Sanjay Kosuri In Egnyte
We’re excited to share new updates and enhancements for December, including: For more info on these updates, see the list below and read the detailed articles. Please join the Egnyte Community to get the latest updates, chat with experts, share feedback, and learn from other users.
Read Post
cyberint

Our 2025 - Innovation, Intelligence, and Impact

Dec 31, 2025 By Gemma Goldstein In Cyberint
Following Cyberint’s acquisition by Check Point at the end of 2024, we’ve only accelerated across our platform and services. This year-in-review highlights the biggest achievements of 2025, spanning AI innovation, huge advancements in threat intelligence, brand protection, and attack surface management, global coverage and most importantly customer impact.
Read Post
Arctic Wolf

2025 Year in Review: Building the Future of Security Operations

Dec 31, 2025 By Nick Schneider In Arctic Wolf
Arctic Wolf entered 2025 with momentum and a clear focus: advancing security operations in ways that deliver measurable outcomes for organizations facing an increasingly complex threat environment. As the year comes to a close, we’re building on that momentum — strengthening our platform, expanding globally, and laying the foundation for what comes next in 2026.
Read Post
From Startup to Scale-Up: Why Indian Businesses Are Moving to Advance Servers

From Startup to Scale-Up: Why Indian Businesses Are Moving to Advance Servers

Dec 31, 2025 By SecuritySenses In SecuritySenses
The startup world in India is withering like never before. Founders are dreaming bigger, shipping faster and building fast, whether it is a two-person SaaS team in Bengaluru or a fintech disruptor in Mumbai. However, it is between the fun of traction and the mayhem of scale that reality kicks in, your infrastructure begins to groan. What starts as a basic server to host startups in India may not be able to sustain in case of the incoming real users. Page loads slow down. Security questions pop up. Periods of downtime is not merely an inconvenient thing anymore but it is also a business risk.
Read Post
Digital Security Risks During Separation or Divorce: Protecting Your Privacy When Relationships Break Down

Digital Security Risks During Separation or Divorce: Protecting Your Privacy When Relationships Break Down

Dec 31, 2025 By SecuritySenses In SecuritySenses
During separation or divorce, the breakdown of a relationship often brings unexpected digital risks alongside emotional and financial challenges. Many couples spend years sharing passwords, devices, and online accounts without a second thought. However, when trust erodes, this shared digital access can quickly turn into a serious cybersecurity and privacy concern. Understanding how digital exposure happens and how to manage it responsibly is becoming an essential part of modern family disputes.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.