Daily Threat Intel Digest - 2025-12-27

🔴 Critical Threats & Active Exploitation

[UPDATE] MongoBleed exploit released as mass exploitation looms
A public exploit for CVE-2025-14847 (dubbed MongoBleed) has been released, enabling unauthenticated memory reads against MongoDB deployments spanning the last decade. The exploit specifically targets credentials and secrets like database passwords and AWS keys stored in plain text. With over 200,000 internet-facing MongoDB instances globally, researchers warn of “high likelihood of mass exploitation” given the exploit’s simplicity [DoublePulsar]. MongoDB users should immediately patch vulnerable instances and monitor for suspicious activity, as the exploit allows attackers to extract sensitive data without authentication.

[NEW] GrubHub phishing campaign abuses legitimate subdomain
Attackers are sending sophisticated phishing emails claiming a “Holiday Crypto Promotion” from legitimate GrubHub subdomains (b.grubhub.com), promising 10x returns on Bitcoin deposits. The emails use recipient names and authentic branding to lend credibility, with messages originating from addresses like merry-christmast@b.grubhub.com. While GrubHub states they’ve “contained the issue,” the campaign suggests either a compromised email infrastructure or sophisticated DNS manipulation [BleepingComputer]. Organizations should block these domains and warn users about crypto-investment scams, as the technique represents a significant trust violation that could lead to widespread credential and financial theft.

⚠️ Vulnerabilities & Patches

[UPDATE] LangChain secret extraction flaw gains detailed analysis
New research provides expanded technical details for CVE-2025-68664 (CVSS 9.3), a critical serialization vulnerability in LangChain Core enabling secret extraction and unsafe object instantiation. The vulnerability exists in dumps() and dumpd() functions where user-controlled dictionaries containing the internal “lc” marker aren’t properly escaped. Attackers can manipulate LLM outputs to trigger deserialization attacks, potentially extracting environment variables and instantiating trusted classes with malicious parameters. The issue affects langchain-core versions >=1.0.0 and <1.2.5, with a related JavaScript issue (CVE-2025-68665) impacting @langchain/core [SOCRadar]. Developers should immediately patch and audit any code paths serializing untrusted inputs, especially LLM response metadata fields.

🛡️ Defense & Detection

[NEW] “Vault or Revoke” framework for leaked credential incidents
GitGuardian released new guidance for incident response teams facing leaked credentials, advocating for a nuanced approach between immediate revocation and maintaining business continuity. The framework emphasizes that without proper context about a credential’s usage, location, and criticality, responders risk causing production disruptions when revoking access. The solution involves maintaining comprehensive secret inventories with metadata about environment tags, rotation schedules, and service dependencies [GitGuardian]. Organizations should implement governance playbooks categorizing credentials by criticality to enable rapid, context-aware decisions during security incidents rather than defaulting to blanket revocation.

📋 Policy & Industry News

[NEW] OpenAI confirms exploration of ChatGPT advertising
OpenAI has acknowledged developing sponsored content features for ChatGPT that could prioritize paid content in AI responses. The “sponsored content” would appear alongside main responses, potentially in a sidebar format, raising concerns about AI manipulation and commercial bias in generative AI outputs [BleepingComputer]. While no immediate security implications exist, organizations should prepare for potential AI-driven social engineering risks as sponsored content could be weaponized by attackers to influence user behavior or distribute malicious recommendations.