Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity threats and defenses. In this issue, we delve into a series of alarming data breaches that have rocked both public and private sectors, from congressional emails to healthcare data, highlighting the persistent vulnerabilities in our digital infrastructure.

We also explore the evolving landscape of AI security, where new research reveals the persistent risks of data leaks through AI agents like ChatGPT, and the emerging threat of multimodal attacks that exploit AI tools. As hackers find innovative ways to counteract surveillance technologies, the importance of robust and adaptive security measures becomes ever more critical.

Finally, we bring you the latest on critical vulnerabilities affecting popular software and platforms, from React Router to WordPress plugins, underscoring the urgent need for vigilance and timely updates to protect against exploitation.

Join us as we navigate these pressing issues, offering insights and strategies to fortify your defenses in an increasingly complex cyber world.

Data Breaches

1. Salt Typhoon Hackers Hit Congressional Emails in New Breach: A new data breach has been reported involving Salt Typhoon hackers targeting congressional emails. This breach highlights vulnerabilities in government networks, which often operate under different security assumptions, allowing adversaries to extract sensitive data. Source: BankInfoSecurity.
2. Illinois Department of Human Services (IDHS) Data Breach: The Illinois Department of Human Services disclosed a data breach affecting 700,000 individuals due to misconfigured privacy settings. This breach exposed personal and health data, raising concerns about the department's data security practices. Source: Security Affairs.
3. Personal Medical Data Exposed in Healthcare Interactive, Inc. Data Breach: A South Carolina healthcare company, Healthcare Interactive, Inc., confirmed a data breach that potentially exposed sensitive personal and medical information of over 100,000 residents. This incident underscores the importance of robust data protection measures in healthcare. Source: WIS.
4. Brett Robinson Vacation Rental Data Breach Investigation: Strauss Borrelli PLLC is investigating a data breach involving Brett Robinson Vacation Rental. The breach has raised concerns about the security of customer data and potential legal actions are being considered. Source: Strauss Borrelli PLLC.
5. Harmony Health Data Breach Exposes SSNs, More: Harmony Health experienced a data breach that exposed sensitive information, including Social Security Numbers. Legal experts are exploring the possibility of a class action lawsuit to help victims recover damages. Source: Class Action.

Security Research

1. ZombieAgent ChatGPT Attack Shows Persistent Data Leak Risks of AI Agents: Security researchers from Radware have uncovered vulnerabilities in ChatGPT's connections to third-party applications, demonstrating how these can be exploited to create indirect prompt injections. This research highlights the ongoing risks of data leaks associated with AI agents, emphasizing the need for robust security measures in AI integrations. Source: CSO Online.
2. How Hackers Fight Back Against ICE Surveillance Tech: The Electronic Frontier Foundation (EFF) security researcher Cooper Quintin discusses methods used by hackers to counteract ICE's surveillance technologies. This research underscores the power individuals and groups have to resist invasive surveillance, promoting awareness and strategies to protect privacy. Source: The Register.
3. The 11 Runtime Attacks Breaking AI Security — and How CISOs Are Stopping Them: Gartner's research identifies critical runtime attacks on AI systems and provides insights into how Chief Information Security Officers (CISOs) can mitigate these threats. The study emphasizes the importance of proactive security strategies as businesses increasingly adopt generative AI technologies. Source: VentureBeat.
4. The Coming Wave of Multimodal Attacks: When AI Tools Become the New Exploit Surface: Amanda Rousseau, a Principal AI Security Researcher at Straiker, explores the emerging threat of multimodal attacks leveraging AI tools. This research highlights the evolving landscape of cybersecurity threats and the necessity for adaptive defense mechanisms. Source: Unite.AI.
5. New Pentagon Research Security Initiatives Announced Following Select Committee Investigations: The Pentagon has introduced new initiatives to enhance research security, following investigations by a Select Committee. These measures aim to safeguard taxpayer dollars and ensure the integrity of research funded by the Department of Defense. Source: Select Committee on the CCP.

Top CVEs

1. CVE-2026-22029: React Router and Remix SPA open navigation redirects can result in unsafe URLs causing unintended JavaScript execution on the client. This vulnerability affects versions prior to 1.23.2 and 7.11.0, and has been patched in later versions. Source: Vulners.
2. CVE-2025-69194: A security issue in GNU Wget2 when handling Metalink documents allows attackers to write files to unintended locations, potentially leading to data loss or further system compromise. Source: Vulners.
3. CVE-2025-70974: Fastjson mishandles autoType, allowing JNDI injection with an attacker-supplied payload, due to an incomplete fix for a previous CVE. This vulnerability has been exploited in the wild. Source: Vulners.
4. CVE-2025-67004: An Information Disclosure vulnerability in CouchCMS 2.4 allows an Admin user to read arbitrary files, potentially exposing source code or other confidential information. Source: Vulners.
5. CVE-2025-14736: The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation, allowing unauthenticated attackers to register as administrators and gain complete control of the site. Source: Vulners.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the landscape of cybersecurity is as dynamic and challenging as ever. From the halls of Congress to healthcare facilities, and from AI vulnerabilities to the latest CVEs, the threats we face are diverse and evolving. Each story we've covered today serves as a reminder of the critical importance of vigilance, proactive defense, and continuous learning in our field.

Whether it's the Salt Typhoon hackers breaching congressional emails or the persistent risks posed by AI agents, these incidents highlight the need for robust security measures and innovative strategies to protect sensitive information. The ongoing battle against cyber threats requires not just awareness but also collaboration and shared knowledge.

If you found today's insights valuable, consider sharing this newsletter with your friends and colleagues. Together, we can build a stronger, more informed community ready to tackle the challenges of tomorrow. Stay secure, stay informed, and see you in the next edition of Secret CISO!