CISA Warns of Actively Exploited 'MongoBleed' Flaw; Supply Chain Attacks Double in 2025 Amid Holiday Ransomware Surge

Publication Date: December 29, 2025

Summary

This cybersecurity brief for December 28-29, 2025, covers several critical developments. CISA has issued an urgent warning about the 'MongoBleed' (CVE-2025-14847) vulnerability in MongoDB, now under active exploitation. Supply chain attacks continue to escalate, with Korean Air suffering a breach via a subsidiary, attributed to the Clop ransomware group exploiting an Oracle zero-day. A year-end report confirms that software supply chain attacks more than doubled in 2025. Ransomware groups, including Qilin and Medusa, capitalized on the holiday period to launch a wave of attacks, while malicious Chrome extensions were found to have stolen AI chat data from nearly a million users. Finally, Microsoft and Adobe released their last patches of the year, fixing over 190 vulnerabilities, including an actively exploited Windows zero-day.

Today's New Articles

900,000+ Users Compromised: Malicious Chrome Extensions Steal ChatGPT & DeepSeek Conversations

A significant data theft campaign has been uncovered involving two malicious Google Chrome extensions that were installed by over 900,000 users. The extensions, which impersonated legitimate AI productivity tools, were designed to secretly capture and exfiltra...


DevMan Ransomware Group Claims Attack on U.S. Financial Firm Sharinc Inc.

The DevMan ransomware group has claimed responsibility for a cyberattack against Sharinc Inc., a U.S.-based financial organization. The claim was made on December 28, 2025, on the group's data leak site. The attackers have threatened to publish sensitive finan...


Software Supply Chain Attacks Doubled in 2025, Report Finds

A year-end security analysis published on December 29, 2025, reveals that software supply chain attacks more than doubled globally in 2025, with associated losses projected to reach $60 billion. The report, from CleanStart, indicates that this has become a sys...


Microsoft and Adobe Release December Patches for Over 190 Vulnerabilities

In their final security updates for 2025, Microsoft and Adobe addressed a combined total of over 190 vulnerabilities on December 28. Microsoft's Patch Tuesday release fixed 56 flaws, including a critical zero-day privilege escalation vulnerability (CVE-2025-62...


Critical XSS Flaw in WordPress Plugin 'Invelity SPS connect' Disclosed

A reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2025-68876, was disclosed on December 28, 2025, affecting the 'Invelity SPS connect' WordPress plugin. The flaw, which has a CVSS score of 7.1, can be exploited by unauthenticated attackers a...

Article Updates

Qilin Ransomware Gang Adds Business Services Firm B Dynamic to Leak Site

Update: The Qilin ransomware group, previously noted for targeting B Dynamic, has significantly escalated its activity. A post-holiday surge between December 26-28, 2025, saw Qilin and other gangs claim over 15 new victims, including the Canadian software company Ques...


Clop Ransomware Breaches Barts Health NHS Trust via Oracle Zero-Day

Update: The ongoing Clop ransomware campaign, which exploits a critical zero-day vulnerability in Oracle E-Business Suite, has claimed another victim: Korean Air. The airline announced on December 29, 2025, that a supply chain attack targeting its former subsidiary, K...