Secret CISO 10/2: Volvo & Boyd Breaches Spark Legal Storm; Google Workspace Shadow SaaS Risks; AI Hackbots Reshape Cyber Threats; €141M Boosts EU Security Research

Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges and breakthroughs. As October unfolds, the digital landscape is rife with both cautionary tales and innovative strides.
In a striking narrative of data breaches, we delve into the recent incidents affecting major entities like Volvo Group North America and Boyd Gaming, where sensitive employee data has been compromised, leading to legal battles and investigations. Meanwhile, the Georgia Department of Community Health takes a proactive stance by offering free credit monitoring to Medicaid members after a potential breach, showcasing a commitment to safeguarding personal information.
On the technology front, Google Workspace grapples with the shadow SaaS dilemma, highlighting the urgent need for robust oversight to prevent unauthorized software from becoming a security liability. Simultaneously, the cybersecurity community witnesses a surge in AI-driven vulnerability reports, reshaping the threat landscape as AI becomes both a tool and a target for cyber threats.
In the realm of vulnerabilities, critical flaws in widely used software such as the Python package pyfory and Splunk Enterprise underscore the relentless pursuit of security patches to thwart potential exploits. As we navigate these challenges, the Horizon Europe initiative injects €141 million into research projects aimed at fortifying Europe's security infrastructure, promising a safer future for its citizens.
Join us as we explore these stories and more, offering insights and strategies to empower you in the ever-evolving world of cybersecurity.
Data Breaches
- Volvo Group North America LLC Data Breach: Volvo Group North America has experienced a data breach compromising the sensitive personal data of current and former employees. This incident has raised significant concerns regarding the security measures in place to protect employee information. An investigation has been launched by Levi & Korsinsky, LLP to address the breach and its implications. Source: CBS42
- Five Lawsuits Filed Against Boyd Gaming Following Recent Data Breach: Boyd Gaming is facing five lawsuits after a data breach allowed hackers to access and remove certain employee information and records from their systems. The breach has led to legal actions as affected parties seek accountability and compensation for the compromised data. Source: Gaming America
- Medicaid Members Offered Free Credit Monitoring After Possible Data Breach: The Georgia Department of Community Health (DCH) and Gainwell have offered free credit monitoring to Medicaid members following a potential data breach. This precautionary measure aims to protect affected individuals from identity theft and financial fraud. Source: Georgia Department of Community Health
- York County School of Technology Data Breach Settlement: Individuals notified by York County School of Technology about a 2023 data breach may be eligible to claim up to $5,000 from a class action settlement. The breach involved unauthorized access to sensitive information, prompting legal action and compensation for affected individuals. Source: Claim Depot
- Prosper Funding Data Breach Investigation: Lynch Carpenter is investigating claims related to a data breach at Prosper Funding. Affected individuals who received a breach notification may be entitled to compensation, and they are encouraged to contact legal representatives to discuss their options. Source: GlobeNewswire
Security Research
- Google Workspace isn't built to handle shadow SaaS: This research highlights the challenges Google Workspace faces in managing shadow SaaS applications, which can lead to security vulnerabilities. The study emphasizes the need for better oversight and control mechanisms to mitigate risks associated with unauthorized software usage. Source: SecurityBrief Asia
- Security expert questions Fortra's response to latest GoAnywhere MFT vulnerability: Fortra's response to CVE-2025-10035 has been criticized by security experts for its lack of comprehensive advisories and Indicators of Compromise (IOCs). This has raised concerns about the effectiveness of the vulnerability disclosure process and the potential risks it poses to users. Source: CyberDaily AU
- AI vulnerability reports surge as hackbots reshape cyber risks: A new report indicates a significant increase in AI-driven security research, with 70% of researchers now integrating AI into their methodologies. This shift is reshaping the landscape of cyber risks, as AI tools become both a target and a tool for cyber threats. Source: SecurityBrief Australia
- €141 million boosts 36 new research projects for a safer Europe: The Horizon Europe Civil Security for Society call has funded 36 new research projects aimed at enhancing security across Europe. These projects will leverage science and technology to address various security challenges, promoting a safer environment for European citizens. Source: Open Access Government
- BNB Chain's X Account Hacked to Promote Phishing Airdrop and Meme Coin: A security breach on BNB Chain's X account led to the promotion of a phishing scam involving airdrops and meme coins. The attack involved a deceptive URL trick, highlighting the ongoing threat of phishing tactics in the blockchain space. Source: CoinLaw
Top CVEs
- CVE-2025-61622: Deserialization of untrusted data in the Python package pyfory, versions 0.12.0 through 0.12.2, and in legacy pyfury versions 0.1.0 through 0.10.3, allows arbitrary code execution. An attacker can exploit this by crafting a data stream that triggers a vulnerable deserialization process, leading to remote code execution. Users should upgrade to pyfory version 0.12.3 or later to mitigate this vulnerability. Source: Vulners
- CVE-2025-20371: In Splunk Enterprise and Splunk Cloud Platform, versions below specified thresholds are vulnerable to a blind server-side request forgery (SSRF) attack. This flaw allows an unauthenticated attacker to perform REST API calls on behalf of an authenticated high-privileged user, potentially compromising sensitive data and system integrity. Users are advised to update to the latest versions to protect against this vulnerability. Source: Vulners
- CVE-2025-61588: RISC Zero's zero-knowledge verifiable computing platform, based on zk-STARKs and RISC-V microarchitecture, has a critical vulnerability in versions 2.0.2 and below. The flaw allows the host to write to arbitrary memory locations in the guest, leading to potential arbitrary code execution. This affects all guest programs built with the vulnerable versions, compromising their security guarantees. The issue is resolved in risc0-zkvm-platform 2.1.0 and other updated versions. Source: Vulners
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the landscape of cybersecurity is ever-evolving and fraught with challenges. From data breaches affecting major corporations like Volvo Group North America and Boyd Gaming, to shadow SaaS risks in Google Workspace and a vulnerability in Splunk, the need for robust security measures has never been more critical.
We've also seen how organizations are responding to these threats, whether it's through offering free credit monitoring to affected individuals, as seen with Medicaid members in Georgia, or through legal actions and settlements, like those involving York County School of Technology and Prosper Funding. These responses highlight the importance of accountability and proactive measures in safeguarding sensitive information.
Moreover, the rise of AI-driven security research and the substantial funding for security projects in Europe underscore the global commitment to enhancing cybersecurity. However, incidents like the phishing scam on BNB Chain's X account remind us that vigilance is key in the face of persistent threats.
As we continue to navigate these complex issues, we encourage you to share this newsletter with your friends and colleagues. By spreading awareness and fostering a community of informed individuals, we can collectively work towards a safer digital environment. Thank you for being a part of Secret CISO, and we look forward to bringing you more insights and updates in our next edition.