MongoBleed (CVE-2025-14847) Information Leak Vulnerability Exploited in the Wild
Overview A critical high-severity vulnerability, tracked as CVE-2025-14847 and nicknamed MongoBleed, has been disclosed in MongoDB Server and is already being actively exploited in…
How XM Cyber Helps Leading German Manufacturer Jeremias Strengthen Security and Focus Remediation
Jeremias Abgastechnik GmbH, a leading German manufacturer of flue, exhaust, and chimney systems, operates internationally with production facilities and sales subsidiaries across Europe and…
How XM Cyber Helps A Large Italian Financial Institution Prioritize Risk and Improve Security Posture
The security team at a large Italian financial services firm was overloaded with vulnerability data. Their traditional scanners flagged issue after issue, but didn’t…
XM Cyber Expands Attack Surface Coverage with Zero-Friction Discovery
An age-old cybersecurity cliché is that “you can’t protect what you can’t see.” But in today’s landscape, what you can’t see isn’t just unprotected,…
XM Cyber Helps Save the Children Strengthen Security and Prioritize What Matters
Save the Children operates critical programs across more than twenty countries, managing sensitive donor and beneficiary data globally. This diverse structure, where each location…
Why Continuous Exposure Management is the One Gift Your Team Needs This Holiday Season
The Holiday season is one of the most important periods of the year for e-commerce and retail organizations. Adobe estimates that “$253.4 billion will…
XM Cyber Helps Vinci Construction Fortify Global Security Posture and Dramatically Reduce Risk
Vinci Construction manages high-stakes infrastructure projects worldwide, including work on the Paris Metro, major highways, and airports. Operating in over 68 countries, any interruption…
XM Cyber Helps Leading Financial Services Provider Gain Real-Time Exposure Visibility
A leading financial market infrastructure provider, responsible for completing trades, safeguarding assets, and other essential financial services across global capital markets, needed a clearer…
XM Cyber Helps Global Retail Giant Secure Rapidly Expanding Infrastructure
The company’s rapid global growth, fueled by frequent acquisitions, created a highly diverse and complex IT environment. The security team relied on multiple tools,…
Announcing Enhanced EASM Capabilities for Validating End-to-End Risk
Last year, we introduced External Attack Surface Management (EASM) into the XM Continuous Exposure Management (CEM) platform. We knew then that identifying external risks…
JUMPSHOT: XM Cyber Uncovers Critical Local Privilege Escalation (CVE-2025-34352) in JumpCloud Agent
XM Cyber Researcher Hillel Pinto uncovered CVE-2025-34352, a critical vulnerability in the JumpCloud Remote Assist for Windows agent (versions prior to 0.317.0). The flaw allows any low-privileged local user to exploit insecure file operations—arbitrary file write/delete—performed by the agent running as NT AUTHORITY\SYSTEM within the user’s temporary directory.
XM Cyber and Bizerba
How a Global Leader Protects its Legacy with Continuous Security
Bizerba, a fifth-generation global leader in weighing technology, uses XM Cyber on STACKIT to secure its digital transformation, protect decades of customer trust, and…
