Secret CISO 1/12: Hawaii & Coupang Breaches, Arctic Security Shift, ZombieAgent AI Threat, GitLab Secrets Exposed
Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges and breakthroughs. In this issue, we delve into a series of alarming data breaches that have rocked the healthcare sector, with the University of Hawaii Cancer Center and Canopy Healthcare both falling victim to cyberattacks. These incidents underscore the critical need for robust security measures and timely communication in protecting sensitive patient information.
Meanwhile, the e-commerce giant Coupang faces potential business suspension amid an ongoing data breach investigation, highlighting the regulatory pressures companies face in safeguarding consumer data. South Korea's Trade Minister has clarified that this issue stands apart from broader trade or diplomatic matters, emphasizing the focus on data protection.
On the frontier of technology, Arctic research is shaping U.S. homeland security strategies, while the rise of AI-assisted "vibe coding" introduces new vulnerabilities that demand attention. Radware's discovery of the ZombieAgent zero-click vulnerability in OpenAI agents further accentuates the risks in AI-driven applications.
In the realm of software development, a security researcher has uncovered a staggering 17,000 secrets exposed in public GitLab repositories, a stark reminder of the importance of securing code repositories. Additionally, we explore the latest vulnerabilities, including a critical XML validation flaw in Apache Struts and a SQL injection vulnerability in jiujiujia's applications, urging users to take immediate action.
Join us as we navigate these pressing cybersecurity issues, offering insights and strategies to fortify your defenses in an ever-evolving digital landscape.
Data Breaches
- Hackers Accessed University of Hawaii Cancer Center Patient Data: A recent breach at the University of Hawaii Cancer Center exposed sensitive patient data, raising concerns about the security measures in place to protect such information. The breach was not immediately reported, leading to questions about compliance with state laws requiring timely notification. This incident highlights the ongoing vulnerabilities in healthcare data security. Source: SecurityWeek.
- FTC Chief Says Business Suspension of Coupang Possible Amid Data-Breach Probe: Coupang, a major e-commerce platform, is under scrutiny following a significant data breach. The FTC has warned that business suspension could be a consequence if the company fails to adequately address the breach and protect consumer data. This development underscores the regulatory pressures companies face in safeguarding personal information. Source: Korea Herald.
- Canopy Healthcare Alerts Patients to a Data Breach That Occurred Six Months Ago: Canopy Healthcare has notified patients of a data breach that occurred six months prior, affecting a significant number of individuals. The delay in notification has sparked criticism and concerns over the transparency and responsiveness of healthcare providers in managing data security incidents. This case emphasizes the importance of timely communication in breach management. Source: NZ Herald.
- S. Korea's Trade Minister Says Coupang's Data Breach Is Separate Issue from Trade or Diplomacy: South Korea's Trade Minister has clarified that the data breach at Coupang is being treated as a separate issue from trade or diplomatic matters. This statement aims to isolate the incident from broader geopolitical concerns, focusing on the need for robust data protection measures within the company. Source: YouTube.
- Another Health Provider Targeted by Data Breach: Canopy Healthcare, a major diagnostic provider, has been targeted in a significant data breach. This incident adds to the growing list of healthcare organizations facing cyberattacks, highlighting the sector's vulnerability and the urgent need for enhanced cybersecurity protocols. The breach has raised alarms about the protection of sensitive health information. Source: Stuff.
Security Research
- Hackers Accessed University of Hawaii Cancer Center Patient Data: Hackers gained unauthorized access to sensitive patient data at the University of Hawaii Cancer Center. The breach raised concerns about the exposure of Social Security numbers and whether any ransom was paid to the attackers. The incident highlights the ongoing vulnerabilities in healthcare data security. Source: SecurityWeek.
- How Arctic Research is Influencing U.S. Homeland Security Strategy: Arctic research is playing a crucial role in shaping U.S. homeland security strategies. The research focuses on understanding the unique challenges and opportunities presented by the Arctic region, which is becoming increasingly important due to geopolitical and environmental changes. This strategic shift underscores the need for enhanced security measures in the Arctic. Source: HSToday.
- The Vibe Coding Security Gap: Security researchers are raising alarms about the security risks associated with the rapid adoption of AI-assisted "vibe coding." This new trend in software development introduces vulnerabilities that could be exploited by malicious actors, emphasizing the need for robust security measures in AI-driven coding environments. Source: Australian Cyber Security Magazine.
- Radware Uncovers ZombieAgent, a Zero-Click AI Vulnerability in OpenAI Agents: Radware has identified a critical zero-click vulnerability, dubbed ZombieAgent, in OpenAI agents. This vulnerability allows attackers to exploit AI systems without user interaction, posing significant risks to AI-driven applications. The discovery highlights the importance of securing AI technologies against emerging threats. Source: The Fast Mode.
- Security Researcher Uncovers 17,000 Secrets in Public GitLab Repositories: A security researcher has discovered thousands of sensitive secrets exposed in public GitLab repositories. The finding shows the risk developers inadvertently create when they fail to secure their code repositories, underscoring the need for better security practices in software development. Source: MSN.
Top CVEs
- CVE-2025-68493: Missing XML Validation vulnerability in Apache Struts affects versions from 2.0.0 before 2.2.1 and from 2.2.1 through 6.1.0. This vulnerability could allow attackers to exploit XML data processing, potentially leading to unauthorized access or data manipulation. Users are advised to upgrade to version 6.1.1 to mitigate this risk. Source: Vulners.
- CVE-2025-10237: This CVE has been reserved for a future security issue, with details to be provided upon public disclosure. Organizations and individuals are advised to stay alert for updates regarding this potential vulnerability. Source: Vulners.
- CVE-2026-0843: A SQL injection vulnerability has been identified in jiujiujia/victor123/wxw850227 jjjfood and jjjshopfood up to version 20260103. The vulnerability can be exploited remotely via manipulation of the 'latitude' argument in the /index.php/api/product.category/index file. Despite early notification, the vendor has not responded, leaving systems potentially exposed. Source: Vulners.
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the landscape of cybersecurity is ever-evolving and fraught with challenges. From healthcare data breaches at the University of Hawaii Cancer Center and Canopy Healthcare to the regulatory pressures faced by companies like Coupang, the need for robust security measures is more pressing than ever.
We've also explored the fascinating intersection of Arctic research and U.S. homeland security strategies, highlighting the strategic importance of this region. Meanwhile, the emergence of AI vulnerabilities, such as ZombieAgent in OpenAI agents, and the security gaps in vibe coding remind us of the critical need for vigilance in the tech world.
In the realm of software development, the discovery of thousands of secrets in public GitLab repositories serves as a stark reminder of the importance of securing our digital assets. And as we look ahead, vulnerabilities like CVE-2025-68493 in Apache Struts and the reserved CVE-2025-10237 underscore the need for proactive measures to protect our systems.
We hope you found today's insights valuable. If you did, please consider sharing this newsletter with your friends and colleagues. Together, we can stay informed and better prepared to tackle the cybersecurity challenges that lie ahead. Until next time, stay safe and secure!