Secret CISO 1/30: Match Group Breach, Spain's Cyber Surge, Marquis vs. SonicWall, AI Model Risks, Google Busts Proxy Network - A Web of Interconnected Cyber Threats Unraveled

Welcome to today's edition of Secret CISO, where we unravel the tangled web of cybersecurity incidents and vulnerabilities that are shaping the digital landscape. In this issue, we dive into a series of breaches and vulnerabilities that underscore the ever-present threats lurking in the shadows of our interconnected world.

First, we explore the Match Group breach that has sent shockwaves through the dating world, exposing user data from popular platforms like Hinge, Tinder, OkCupid, and Match. This incident raises critical questions about user privacy and the measures companies must take to protect sensitive information.

Meanwhile, in Spain, a staggering number of personal data breach notifications highlight the relentless tide of cyber incidents, driven largely by ransomware and cyber intrusions. This serves as a stark reminder of the need for robust cybersecurity defenses across all sectors.

In the fintech realm, Marquis points fingers at SonicWall for a breach that exposed sensitive data, illustrating the complex web of dependencies in cybersecurity and the importance of securing third-party services. This theme of interconnected risks continues as we delve into the vulnerabilities of open-source AI models, which researchers warn are ripe for criminal exploitation.

On the tech front, Microsoft has patched critical vulnerabilities that could allow attackers to bypass administrator protections, emphasizing the necessity of regular updates and vigilance. Similarly, Google's takedown of the IPIDEA residential proxy network showcases the ongoing battle against cybercrime and the power of collaboration in the tech industry.

Finally, we highlight a series of vulnerabilities affecting various systems, from NETGEAR products to Interinfo DreamMaker, each posing unique security challenges that demand attention and action.

Stay informed and stay secure with Secret CISO, as we continue to bring you the latest insights and analyses from the world of cybersecurity.

Data Breaches

  1. Match Group Breach Exposes Data from Hinge, Tinder, OkCupid, and Match: The Match Group has confirmed a security incident that compromised user data across its popular dating platforms, including Hinge, Tinder, OkCupid, and Match. The breach has raised concerns about user privacy and data protection, prompting the company to take immediate action to secure its systems and investigate the extent of the breach. Source: Bleeping Computer.
  2. Spain Logs Nearly 2,800 Personal Data Breach Notifications in 2025: The Spanish Data Protection Agency reported receiving 2,765 notifications of personal data breaches in 2025, highlighting the prevalence of cyber incidents in the country. The breaches, primarily driven by ransomware and cyber intrusions, underscore the need for enhanced cybersecurity measures across various sectors. Source: Babl.ai.
  3. Fintech Firm Marquis Blames Hack at Firewall Provider SonicWall for Its Data Breach: Marquis, a fintech company, has attributed a recent data breach to a security lapse at its firewall provider, SonicWall. The breach exposed sensitive data, prompting Marquis to seek compensation for the incurred expenses and to reassess its cybersecurity strategies. Source: TechCrunch.
  4. Blue Cross Blue Shield Argues State Investigation Should Be Halted: Following a significant data breach, Blue Cross Blue Shield is facing a state investigation and legal challenges in Montana. The breach, deemed the largest in the state's history, has led to widespread frustration among affected individuals and calls for accountability. Source: Daily Montanan.
  5. AI-powered Insurance Platform Breach Impacts 3.1M Individuals: Healthcare Interactive, known as HCIactive, reported a data breach affecting 3.1 million individuals. The breach, involving an AI-powered insurance platform, has raised concerns about the security of personal health information and the potential for future cyber threats. Source: TechTarget.

Security Research

  1. Microsoft patches Windows Administrator Protection bypass vulnerabilities: Security researcher James Forshaw identified nine vulnerabilities related to User Account Control (UAC) issues in Windows. These vulnerabilities could allow attackers to bypass administrator protections, posing a significant risk to systems. Microsoft has released patches to address these vulnerabilities, highlighting the importance of regular updates and vigilance in system security. Source: SC Media.
  2. Open-source AI models vulnerable to criminal misuse, researchers warn: A joint study by cybersecurity companies SentinelOne and Censys has revealed that open-source AI models are susceptible to exploitation by cybercriminals. The research underscores the need for robust security protocols to prevent misuse and protect sensitive data. This finding is crucial as AI models become increasingly integrated into various applications. Source: Yahoo Finance.
  3. Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach: Marquis, a fintech company, attributes a data breach to a security incident at SonicWall, a firewall provider. The breach exposed sensitive customer information, highlighting the interconnected nature of cybersecurity risks and the importance of securing third-party services. This incident serves as a reminder of the vulnerabilities in supply chain security. Source: TechCrunch.
  4. Breach Roundup: Android RAT Hides Behind Hugging Face: Bitdefender's research has uncovered a new Android Remote Access Trojan (RAT) that disguises itself using the Hugging Face platform. This malware can bypass security controls, posing a threat to Android users. The discovery emphasizes the need for continuous monitoring and updating of security measures to counter evolving threats. Source: GovInfoSecurity.
  5. Google busts giant IPIDEA residential proxy network: Google has dismantled the IPIDEA residential proxy network, which was used for various illicit activities. The operation involved collecting digital certificates linked to the network, revealing its extensive reach. This action highlights the ongoing efforts to combat cybercrime and the importance of collaboration between tech companies and security researchers. Source: iTnews.

Top CVEs

  1. CVE-2026-24714: Some end-of-service NETGEAR products have a vulnerability in their "TelnetEnable" functionality. This allows a magic packet to activate the telnet service on the device, potentially exposing it to unauthorized access. Source: Vulners.
  2. CVE-2026-24728: Interinfo DreamMaker versions before 2025/10/22 have a critical vulnerability in the /servlet/baServer3 endpoint. This flaw allows remote attackers to access administrative functions without authentication, posing a significant security risk. Source: Vulners.
  3. CVE-2026-24729: A vulnerability in Interinfo DreamMaker versions before 2025/10/22 allows for the unrestricted upload of files with dangerous types. This can enable remote attackers to execute arbitrary system commands using a malicious class file. Source: Vulners.
  4. CVE-2020-36995: Mocha Telnet Lite for iOS 4.2 is susceptible to a denial of service vulnerability. Attackers can crash the application by manipulating the user configuration input, specifically by overwriting the 'User' field with 350 bytes of repeated characters. Source: Vulners.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is as dynamic as ever, with new challenges emerging at every turn. From the Match Group's breach affecting millions of dating app users to the vulnerabilities in open-source AI models, the stories we've covered today underscore the critical importance of robust cybersecurity measures.

Whether it's the ongoing battle against ransomware in Spain or the intricate web of supply chain vulnerabilities highlighted by the Marquis and SonicWall incident, these events serve as a reminder that vigilance and proactive strategies are essential in safeguarding our digital world.

As we continue to navigate these complex issues, remember that staying informed is your first line of defense. We encourage you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively enhance our understanding and resilience against cyber threats.

Thank you for joining us today. Stay secure, stay informed, and we'll see you in the next edition of Secret CISO.
