Secret CISO 10/17: Sotheby's & AT&T Breaches, Microsoft Supply Chain Risk, AI Vulnerabilities Unveiled

Welcome to today's edition of Secret CISO, where we unravel the tangled web of cybersecurity breaches and the relentless pursuit of data protection. In a world where information is the new currency, the stakes have never been higher.

Our journey begins with the prestigious auction house Sotheby's, now grappling with a data breach that has left its customers' sensitive information exposed. This incident raises pressing questions about the security protocols of even the most esteemed institutions.

Meanwhile, AT&T faces the aftermath of its own data breach, with a $177 million settlement offering a stark reminder of the financial toll such incidents can impose. As affected customers line up for compensation, the broader implications for corporate responsibility in safeguarding data are clear.

In a startling revelation, over 23 million individuals fell victim to data breaches in just the third quarter of 2025, a testament to the persistent and pervasive threat that looms over personal and corporate data alike.

Adding to the narrative, a 15-year-old inadvertently triggered Western Australia's largest public health data breach, underscoring the vulnerabilities that can arise from unexpected quarters.

On the technological front, leaks in the Microsoft VS Code Marketplace have put the software supply chain at risk, prompting urgent calls for enhanced security measures. This incident serves as a critical reminder of the interconnected nature of modern cybersecurity threats.

As we delve deeper, we explore the exploits of state-sponsored actors, the need for reform in vulnerability scoring systems, and the emerging threats posed by malicious AI connections and Linux rootkits. Each story weaves into the next, painting a vivid picture of the cybersecurity landscape and the relentless battle to protect what matters most.

Join us as we navigate these complex narratives, offering insights and strategies to fortify your defenses in an ever-evolving digital world.

Data Breaches

  1. Sotheby's Data Breach Exposes Customer Information: Major international auction house Sotheby's has reported a data breach incident where threat actors accessed and stole sensitive customer information. The breach has raised concerns about the security measures in place at Sotheby's and the potential impact on affected customers. Source: Bleeping Computer.
  2. AT&T's $177 Million Data Breach Settlement: A judge has extended the deadline for claims related to AT&T's $177 million data breach settlement. Affected customers can claim up to $7,500 as compensation for the breach, which exposed personal data. This settlement highlights the ongoing challenges companies face in protecting customer information. Source: ZDNet.
  3. Over 23 Million Victims Hit by Data Breaches in Q3: A report by Infosecurity Magazine reveals that over 23 million individuals were affected by data breaches in the third quarter of 2025. The report tracked 835 separate incidents, underscoring the persistent threat of data breaches and the need for robust cybersecurity measures. Source: Infosecurity Magazine.
  4. Therapeutic Health Services Settlement Over 2024 Data Breach: Therapeutic Health Services has reached a $790,000 settlement to resolve a class action lawsuit stemming from a 2024 data breach. Affected individuals can seek reimbursement for out-of-pocket losses related to the breach, highlighting the financial repercussions of inadequate data protection. Source: Class Action.
  5. WA's Biggest Data Breach Triggered by 15-Year-Old: A 15-year-old autistic boy inadvertently triggered Western Australia's largest public health data breach. This incident highlights the vulnerabilities in data systems and the challenges of securing sensitive information against unintended breaches. Source: ABC News.

Security Research

  1. Leaks in Microsoft VS Code Marketplace Put Supply Chain at Risk: Researchers discovered over 550 unique secrets exposed in Visual Studio Code marketplaces, prompting Microsoft to enhance security measures. This exposure highlights the critical need for robust security practices in software supply chains to prevent potential exploitation. Source: Dark Reading.
  2. Breach Roundup: Chinese Hackers Exploited ArcGIS: Security researcher Valentin Lobstein, known as Chocapikk, identified and reported a vulnerability in ArcGIS to the vendor and VulnCheck. This breach underscores the ongoing threat posed by state-sponsored actors and the importance of timely vulnerability disclosure. Source: GovInfoSecurity.
  3. CVE, CVSS Scores Need Overhauling, Argues Codific CEO: The CEO of Codific argues that the current CVE and CVSS scoring systems are inadequate for modern cybersecurity needs. This call for reform suggests a need for more nuanced and dynamic vulnerability assessment frameworks. Source: The Register.
  4. When Trusted AI Connections Turn Hostile: A new cybersecurity study warns of malicious MCP server attacks that can hijack AI systems, evade scanners, and expose sensitive data. This research highlights the vulnerabilities in AI systems and the need for enhanced security measures. Source: Help Net Security.
  5. Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco" Attacks: Cybersecurity researchers have disclosed a campaign exploiting a security flaw in Cisco IOS Software, deploying Linux rootkits. This incident emphasizes the importance of patch management and monitoring for unusual activity in network systems. Source: The Hacker News.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is fraught with challenges and opportunities for learning. From Sotheby's data breach to the inadvertent actions of a young boy in Western Australia, each story underscores the critical importance of robust cybersecurity measures and the unpredictable nature of threats.

We've seen how companies like AT&T and Therapeutic Health Services are navigating the aftermath of breaches, highlighting the financial and reputational stakes involved. Meanwhile, the exposure of secrets in Microsoft's VS Code Marketplace and the exploitation of vulnerabilities by state-sponsored actors remind us of the ever-evolving tactics used by cyber adversaries.

As we continue to explore these stories, it's essential to stay informed and vigilant. The call for reform in vulnerability assessment frameworks and the emerging threats in AI systems are just a few areas where attention and innovation are needed. Together, we can foster a more secure digital environment.

If you found today's insights valuable, please share this newsletter with your friends and colleagues. Let's build a community of informed and proactive cybersecurity professionals, ready to tackle the challenges of tomorrow.

Stay safe and secure, and we'll see you in the next edition of Secret CISO!

By Secret CISO