Secret CISO 10/28: Gmail Breach, Conduent's 2024 Hack, OpenAI Browser Flaws, Chrome Zero-Day Exploits - A Cybersecurity Storm Unfolds
Welcome to today's edition of Secret CISO, where we unravel the tangled web of cybersecurity threats and breaches that have emerged overnight. In a world where digital security is constantly under siege, today's stories paint a vivid picture of the challenges we face.
We begin with a staggering revelation: a massive data breach has exposed 183 million email credentials, including Gmail passwords, sending shockwaves through the cybersecurity community. This breach, one of the largest ever, underscores the urgent need for enhanced security measures.
Meanwhile, Conduent's disclosure of a breach originating from a 2024 cyberattack highlights the long-lasting impact of security lapses, affecting millions of Texans' personal and health information. As investigations continue, the importance of robust defenses becomes ever clearer.
In a twist of geopolitical intrigue, the Iranian Intel-linked Ravin Academy has fallen victim to a data breach, raising alarms about the exposure of sensitive cybersecurity training data. This incident serves as a stark reminder of the global nature of cyber threats.
On the corporate front, Transak USA's $601,000 class action settlement following a data breach illustrates the financial repercussions companies face when security is compromised. It's a cautionary tale for businesses everywhere to prioritize cybersecurity.
In the realm of vulnerabilities, researchers have uncovered significant flaws in OpenAI's Atlas browser and linked new spyware to Chrome zero-day attacks, highlighting the persistent threats targeting cutting-edge technologies.
Finally, we delve into the technical depths with critical vulnerabilities in Apache Tomcat, Pi-hole, MikroTik RouterOS, and more, emphasizing the relentless pursuit of security in an ever-evolving digital landscape.
Stay vigilant, stay informed, and join us as we navigate the complex world of cybersecurity in today's Secret CISO.
Data Breaches
- Massive Data Breach Leaves 183 Million Email Credentials, Including Gmail Passwords, Exposed: Cybersecurity researchers have uncovered a significant data breach involving 183 million email credentials, including Gmail passwords. This breach is considered one of the largest credential dumps ever discovered, raising concerns about the security of personal information. Users are advised to change their passwords and enable two-factor authentication to protect their accounts. Source: Gadgets360
- Conduent says data breach originally began with 2024 intrusion: Conduent has revealed that a data breach affecting several state agencies originated from a 2024 cyberattack. The breach has compromised the personally identifiable information (PII) and protected health information (PHI) of at least 4 million Texans. Investigations are ongoing to assess the full impact and to implement enhanced security measures. Source: Cybersecurity Dive
- Iranian Intel-Linked Cybersecurity School Hit by Data Breach: Ravin Academy, linked to Iran's Ministry of Intelligence and Security, has suffered a data breach. The academy, which serves as a talent pipeline for the ministry, was sanctioned by the U.S. Department of Treasury. The breach has raised concerns about the potential exposure of sensitive information related to cybersecurity training and operations. Source: BankInfoSecurity
- Data Breach at Vibra Hospital of Sacramento Under Investigation: Vibra Hospital of Sacramento is under investigation following a data breach. The breach has prompted class action law firms specializing in data breaches to look into the incident. The investigation aims to determine the extent of the breach and the impact on patient data. Source: Newsweek
- Transak USA $601,000 Data Breach Class Action Settlement: Transak USA has reached a class action settlement of $601,000 following a data breach that compromised consumer information. Affected individuals may be eligible to claim up to $1500 as part of the settlement. This case highlights the financial repercussions companies face following data breaches and the importance of robust cybersecurity measures. Source: Claim Depot
Security Research
- 183 Million Email Passwords Leaked in Data Breach: Is Your Gmail Safe? A massive data breach has exposed over 183 million email passwords, including millions linked to Gmail accounts. Security researcher Troy Hunt highlighted the breach, which was reportedly built from infostealer malware. Users are urged to enhance their security measures to protect their accounts. Source: Hindustan Times
- Researchers Find Vulnerabilities in OpenAI's Atlas Agentic Browser: Security researchers have identified vulnerabilities in OpenAI's newly developed Atlas web browser. The findings suggest that the browser, despite being AI-driven, has significant security flaws that could be exploited by malicious actors. This discovery raises concerns about the security of AI-powered applications. Source: iTnews
- Maryland Program Opens the Door for Public Cyber Testing: Maryland has launched a Vulnerability Disclosure Program inviting ethical hackers and residents to identify and report online vulnerabilities. This initiative aims to enhance the state's cybersecurity posture by leveraging community expertise to uncover potential threats. Source: Government Technology
- Memento Spyware Tied to Chrome Zero-Day Attacks: Researchers have linked a new spyware product from Memento Labs to recent Chrome zero-day attacks. This spyware is believed to be the successor to the notorious Hacking Team's tools, indicating a sophisticated level of threat targeting Chrome users. Source: Dark Reading
- Hackers Target Google Chrome Security Sandbox With 0Day Attack: A new attack, dubbed Operation ForumTroll, has been identified targeting Google Chrome's security sandbox. Security researcher Boris Larin from Kaspersky revealed the attack, which exploits a previously unknown vulnerability, posing a significant risk to Chrome users. Source: Forbes
Top CVEs
- CVE-2025-55752: A Relative Path Traversal vulnerability in Apache Tomcat allows attackers to manipulate request URIs to bypass security constraints, potentially leading to remote code execution if PUT requests are enabled. This affects multiple versions of Apache Tomcat, and users are advised to upgrade to secure versions. Source: Vulners.
- CVE-2025-53533: Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting (XSS) via a malformed URL path. This allows attackers to execute arbitrary JavaScript in the victim's browser. The issue has been patched in later versions. Source: Vulners.
- CVE-2025-61481: An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows remote attackers to execute arbitrary code via the HTTP-only WebFig management interface. This vulnerability poses a significant risk due to its remote exploitability. Source: Vulners.
- CVE-2025-12338: A SQL injection vulnerability in Campcodes Retro Basketball Shoes Online Store 1.0 allows remote attackers to manipulate the 'pid' argument, leading to potential data breaches. The exploit is publicly available, increasing the risk of attacks. Source: Vulners.
- CVE-2025-61385: The tlocke pg8000 1.31.4 library is vulnerable to SQL injection via a specially crafted Python list input. This allows remote attackers to execute arbitrary SQL commands, posing a threat to database integrity. Source: Vulners.
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is as dynamic as ever, with new challenges and vulnerabilities emerging at every turn. From massive data breaches affecting millions of users to vulnerabilities in cutting-edge AI technologies, the need for robust cybersecurity measures has never been more pressing.
Whether it's the exposure of 183 million email credentials or the vulnerabilities found in OpenAI's Atlas browser, these stories serve as a stark reminder of the importance of staying informed and proactive in safeguarding our digital lives. The Maryland Vulnerability Disclosure Program is a testament to the power of community collaboration in enhancing cybersecurity, while the ongoing investigations into breaches at institutions like Vibra Hospital highlight the critical need for vigilance and preparedness.
We encourage you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively strengthen our defenses against cyber threats. Let's continue to stay informed, stay secure, and support each other in navigating the ever-evolving world of cybersecurity.
Thank you for reading Secret CISO. Until next time, stay safe and vigilant!