Blog home
Releases

Mondoo Release Highlights November 2025

Tim Smith
Deborah Galea
December 8, 2025
4 min read

November has already flown by, and it’s time to take a look at all the enhancements we accomplished. This month we added new Mondoo Security Advisories designed to keep you ahead of emerging threats. We also expanded our vulnerability detection to include more applications and operating systems, as well as guided remediation steps to help you patch quickly. We beefed up our NPM package detection to bolster supply chain security, and added new network security capabilities. Dig in to find out more!

New Mondoo advisories

We’re excited to introduce new advisories prepared by the Mondoo research team. Mondoo security advisories will cover new security vulnerabilities, providing details on the issue, its potential impact, and recommended actions to mitigate the risk. Mondoo will automatically search for these vulnerabilities in customer environments, so they can take steps to protect their systems. We released our first advisory on the second coming of the Shai-Hulud worm, with many more to come.

Mondoo Shai-Hulud advisory

Application vulnerabilities: Ready, steady, patch

This month we added vulnerability detection for the following new apps:

  • TeamViewer
  • FortiClient

More importantly, we’ve added full remediation steps and code snippets for 30+ commonly used applications, including Adobe products, Notepad++, 7-Zip (including the recent CVE-2025-11001), Dropbox, Microsoft 365, Google Chrome, Mozilla Firefox, Microsoft Edge, and many more. In addition, we now offer agentic vulnerability patching for applications using the Mondoo security pipeline.

Mondoo provides a ready-to-use PowerShell script to fix the vulnerability

New vulnerability and EOL detections

We’ve expanded vendor advisory and vulnerability detection for these new operating systems and platforms:

  • macOS Tahoe 26
  • Huawei Cloud EulerOS (HCE)
  • AWS Bottlerocket

We also made the following improvements to vulnerability detection on AlmaLinux and AIX and improved our EOL risk factor to accurately reevaluate if a system is upgraded in place.

Mondoo shows findings and risk factors on MacOS Tahoe 26 asset

New and updated CIS policies

Staying current with new and updated CIS benchmarks ensures that you’re adhering to the latest guidelines and best practices. That’s why we continually add new CIS benchmarks and update existing ones. In November we made the following updates: 

  • Added CIS Rocky Linux 10 Benchmark 1.0
  • Updated CIS Rocky Linux 8 Benchmark policy 3.0 -> 4.0
  • Added 7 new checks to the CIS Microsoft 365 Foundation benchmark policy
  • Added support for Cortex EDR in the Mondoo EDR Policy

Improved NPM package detection support

NPM packages are pre-written code modules that can be installed and managed using the Node Package Manager (NPM) and other CLI tools. Because NPM packages often have deep dependency chains, compromising a single, widely used package can spread malicious code to numerous downstream projects and users, creating a supply chain attack. This month we’ve been busy beefing up our NPM detection capabilities as well as providing remediation guidance and automated fixes:

  • NPM package results include a new package.script field exposing scripts in the npm packages
  • Support for scoped npm packages
  • Improved detection of packages in multiple directories when using cnquery shell
  • Remediation steps in all NPM findings
Mondoo provides remediation for the Shai-Hulud NPM wormType image caption here (optional)

New network security capabilities

By identifying flaws in software and configurations of network devices, you can proactively patch and harden your networks, reducing your attack surface and protecting critical systems and data. This month, we made the following additions and improvements to our network security offering:

  • Cisco NX-OS assets now display in the Mondoo Console, including workspace filters
  • New CIS Cisco NX-OS Benchmark 1.2 released
  • Model and serial number asset inventory data now displayed for all Cisco devices
  • New EOL and CVE scanning support for FortiOS and Pan-OS using new panos and fortios providers for cnquery/cnspec.
  • Cumulus Linux network distribution support
Mondoo shows vulnerabilities on a Cisco device

Stay tuned for more great network security additions coming soon!

Expanded platform support

Yes, Mondoo scans literally everything. With our latest batch of new platforms, we can detect vulnerabilities and misconfigurations in the entire OS ecosystem. We now cover:

  • New openSUSE MicroOS, Nobara Linux, and Huawei Cloud EulerOS OS support.
  • Improved service detection on BSD systems, Alpine Linux with OpenRC installed, and systemd based Linux distributions.
  • New package detection support on Dragonfly BSD, EndeavourOS, AWS Bottlerocket, and Gentoo Linux.
  • New service detection support on Elementary Linux, MX Linux, Zorin OS, and Gentoo Linux.

Now that Mondoo supports over FIFTY unique operating systems we took the time to make it easier to deploy Mondoo onto systems. New simplified operating system integration pages make it easier to deploy Mondoo to the system of your choice and include updated commands to automatically run Mondoo as a service and keep it updated without additional effort. 

Mondoo shows all the commands you need to run Mondoo scans on Linux

That’s a wrap for November. We’ve already made a flying start to December, and we look forward to sharing all our new features soon!

Find and fix the security risks that pose the biggest threat to your business.

Get started

Ready to leave your attackers in the dust?

Schedule a demo

Tim Smith

Tim Smith is a Product Manager at Mondoo. He’s been working in web operations and software development roles since 2007 and port scanning class As since 1994. He downloaded his first Linux distro on a 14.4 modem. Tim most recently held positions at Limelight Networks, Cozy Co, and Chef Software.

Deborah Galea

Deborah is Director of Product Marketing at Mondoo and leads messaging and positioning, product launches, and sales enablement. She has 20+ years of experience in the cybersecurity industry. Prior to Mondoo, Deborah was Director of Product Marketing at Orca Security and held various marketing positions at other cybersecurity companies. She co-founded email security company Red Earth Software, which was acquired by cybersecurity firm OPSWAT in 2014.

You might also like

Vulnerabilities
How to Fix Critical React and Next.js Vulnerabilities (CVE-2025-55182 and CVE-2025-66478)
Christoph Hartmann
Deborah Galea
December 4, 2025
Releases
Why Exceptions Management is Key to an Enterprise Vulnerability Program
Tim Smith
Deborah Galea
December 1, 2025
Supply Chain Security
Navigating the Sands of Dune: Protecting NPM From the Shai-Hulud Worm
Patrick Münch
November 24, 2025

Sign up to receive Mondoo news:

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.