Top 10 information management stories of 2025
No data, no artificial intelligence (AI) party. Without data, AI – whether traditional, generative, or agentic – cannot exist. No surprise, then, that the vogue…
Month: December 2025
U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 30, 2025 U.S. Cybersecurity and Infrastructure Security Agency…
EmEditor Editor Website Hacked to Deliver Infostealer Malware in Supply Chain Attack
A major supply chain attack targeting EmEditor, a widely used text editor software, has exposed millions of users to sophisticated infostealer malware. Between December 19…
CNIL Slaps €1.7M GDPR Fine On NEXPUBLICA FRANCE
France’s data protection authority, the CNIL, has imposed a €1.7 million GDPR fine on software company NEXPUBLICA FRANCE for failing to implement adequate cybersecurity measures.…
Product showcase: RoboForm password manager for iOS
RoboForm is a password manager that helps users store and manage login credentials, identities, and other sensitive information in one place. The app is available…
Radio signals could give attackers a foothold inside air-gapped devices
Air-gapped systems are meant to stay quiet. Remove network ports, lock down inputs, and the device should have nothing to hear. A new study shows…
70,000+ MongoDB Servers Exposed After MongoBleed PoC Released
Over 74,000 MongoDB database servers remain vulnerable to a critical security flaw after proof-of-concept exploit code for the MongoBleed vulnerability became publicly available. The Shadowserver…
Executives say cybersecurity has outgrown the IT department
Cybersecurity has moved from a technical problem to a boardroom concern tied to survival. A global Rimini Street study of senior executives shows security risk…
EmEditor Website Breach Used to Spread Infostealer Malware
The popular text editor EmEditor fell victim to a sophisticated supply chain attack between December 19-22, 2025, in which attackers compromised the official website to…
Non-human identities push identity security into uncharted territory
Enterprises are grappling with an identity attack surface that keeps expanding and slipping out of reach, according to Veza. Permissions growth outstrips oversight Permissions now…
Security teams debate how much to trust AI
AI is reshaping how organizations operate, defend systems, and interpret risk. Reports reveal rising AI-driven attacks, hidden usage across enterprises, and widening gaps between innovation…
Murray Irrigation landholder data accidentally leaked
Murray Irrigation said data held in a geospatial information system was accidentally exposed, making it publicly accessible. The company, which operates under license from the…