Secret CISO 11/6: Mt. Baker & Central Jersey Breaches, SonicWall State-Sponsored Hack, CISA Warns on CentOS, AI SOC Agents Transform Security

Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges and triumphs unfolding across the globe. In this issue, we delve into a series of alarming data breaches and vulnerabilities that underscore the relentless nature of cyber threats.

We begin with Mt. Baker Imaging, which has finally notified patients of a data breach that occurred nearly a year ago, raising questions about the adequacy of their security measures. Meanwhile, Central Jersey Medical Center is under scrutiny as Lynch Carpenter investigates a recent cybersecurity incident, highlighting the ongoing concerns over patient data protection.

In a significant development, AT&T customers have been given an extended deadline to claim compensation from a $177 million settlement following a data breach, offering some relief amidst the chaos. SonicWall's revelation of state-sponsored hackers orchestrating a September breach serves as a stark reminder of the sophisticated threats lurking in the shadows.

Across the Pacific, Japanese media giant Nikkei grapples with a breach affecting 17,000 individuals due to a Slack account hack, emphasizing the vulnerabilities in communication platforms. On the technical front, CISA has issued a critical warning about a CentOS Web Panel bug, while security researchers uncover a new attack targeting Magento-powered online stores.

Amidst these challenges, a glimmer of hope emerges as AI-driven SOC agents demonstrate their potential to slash alert response times, revolutionizing security operations. Yet, as connected homes become more prevalent, the question of bystander privacy remains unresolved, calling for stricter standards in the smart home industry.

Finally, we explore a series of critical vulnerabilities, from Cisco's Java RMI process to Dynatrace's ActiveGate ping extension, each presenting unique threats that demand immediate attention. As we navigate this complex landscape, the importance of robust security measures and vigilant oversight becomes ever more apparent.

Stay informed, stay secure, and join us as we continue to uncover the secrets of cybersecurity in tomorrow's edition of Secret CISO.

Data Breaches

  1. Mt. Baker Imaging notifies patients of data breach 10 months after incident: Mt. Baker Imaging has informed patients of a data breach that occurred 10 months prior, where thousands of patients' personal data were compromised due to alleged negligence and inadequate security measures. Source: Cascadia Daily.
  2. Central Jersey Medical Center, Inc Data Breach Investigated by Lynch Carpenter: Central Jersey Medical Center announced a cybersecurity incident, prompting an investigation by Lynch Carpenter. The breach has raised concerns over the security of patient data. Source: Globe Newswire.
  3. AT&T customers can still claim up to $7,500 from $177M data breach settlement - here's how: AT&T's $177 million settlement for a data breach allows affected customers to claim compensation. The deadline for claims has been extended, providing more time for eligible customers to apply. Source: ZDNet.
  4. SonicWall says state-sponsored hackers behind September security breach: SonicWall has concluded that a September security breach, which exposed customers' firewall configuration backup files, was orchestrated by state-sponsored hackers. This incident highlights the ongoing threat of sophisticated cyberattacks. Source: Bleeping Computer.
  5. Nikkei Says 17000 Impacted by Data Breach Stemming From Slack Account Hack: Japanese media giant Nikkei reported that hackers accessed employee Slack accounts, affecting 17,000 individuals by stealing sensitive information. This breach underscores the vulnerabilities in communication platforms. Source: DataBreaches.net.

Security Research

  1. CISA warns of critical CentOS Web Panel bug exploited in attacks: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability in the CentOS Web Panel. Exploiting the flaw can lead to unauthorized access to and control of the system. The issue was detailed by security researcher Maxime Rinaudo, who identified the root cause in the file-manager component. Source: Bleeping Computer.
  2. Nearly Three-Quarters of US CISOs Faced Significant Cyber Incident in the Past Six Months: A recent report by Nagomi reveals that a significant majority of Chief Information Security Officers (CISOs) in the US have encountered major cyber incidents recently. The study highlights the increasing pressure on security leaders, with burnout and board scrutiny becoming prevalent issues. This underscores the evolving challenges in cybersecurity leadership. Source: IT Security Guru.
  3. Hackers target online stores with new attack: Security researchers have discovered a critical vulnerability in the Magento platform, which powers numerous e-commerce sites. This flaw could allow attackers to compromise online stores, leading to potential data breaches and financial losses. The discovery emphasizes the need for robust security measures in e-commerce platforms. Source: CyberGuy.
  4. AI SOC Agents Slash Alert Response Time, Study Shows: A new study indicates that AI-driven Security Operations Center (SOC) agents significantly reduce alert response times. This advancement in AI technology helps security teams manage threats more efficiently, enhancing overall cybersecurity posture. The findings highlight the potential of AI in transforming security operations. Source: GovInfoSecurity.
  5. Connected homes: Is bystander privacy anyone's responsibility?: Researchers have examined the privacy policies of major smart camera and doorbell companies to assess their approach to bystander privacy. The study raises concerns about the lack of clear responsibility for protecting the privacy of individuals inadvertently captured by these devices. This research calls for better privacy standards in the smart home industry. Source: Help Net Security.

Top CVEs

  1. CVE-2025-20354: A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX allows unauthenticated, remote attackers to upload arbitrary files and execute commands with root permissions. This is due to improper authentication mechanisms associated with specific Cisco Unified CCX features. Exploiting this vulnerability could enable attackers to execute arbitrary commands and elevate privileges. Source: CVE-2025-20354
  2. CVE-2025-61304: An OS command injection vulnerability exists in Dynatrace ActiveGate ping extension up to version 1.016. This vulnerability can be exploited via crafted IP addresses, potentially allowing attackers to execute arbitrary commands on the affected system. Source: CVE-2025-61304
  3. CVE-2025-63334: PocketVJ CP version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. The application fails to sanitize user input in the opacityValue POST parameter, allowing remote attackers to execute arbitrary commands with root privileges. Source: CVE-2025-63334
  4. CVE-2025-62225: Sony's Optical Disc Archive Software registers a Windows service with an unquoted file path. This vulnerability allows users with write permission on the root directory of the system drive to execute arbitrary code with SYSTEM privileges. Source: CVE-2025-62225
  5. CVE-2025-55278: HCL DevOps Loop's API authentication middleware improperly validates authentication tokens, accepting them without checking expiration or cryptographic signature. This flaw allows attackers to use expired or tampered tokens to gain unauthorized access and perform actions with elevated privileges. Source: CVE-2025-55278

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic and challenging as ever. From data breaches affecting thousands of individuals to vulnerabilities in critical systems, the stories we've covered today highlight the importance of vigilance and proactive measures in safeguarding our digital world.

Whether it's the delayed notification of a breach at Mt. Baker Imaging or the sophisticated state-sponsored attack on SonicWall, each incident serves as a reminder of the potential consequences of inadequate security practices. Meanwhile, the ongoing investigations at Central Jersey Medical Center and the settlement opportunities for AT&T customers show the varied responses to breaches and the importance of accountability.

On the technical front, vulnerabilities like those in the CentOS Web Panel and Cisco Unified CCX underscore the need for constant vigilance and timely patching. The advancements in AI for security operations and the scrutiny of smart home privacy policies further illustrate the evolving nature of cybersecurity challenges and solutions.

As we continue to navigate these complex issues, sharing knowledge and insights becomes crucial. If you found today's newsletter informative, consider sharing it with your friends and colleagues. Together, we can foster a more informed and resilient cybersecurity community.

Thank you for joining us today. Stay secure, and we'll see you in the next edition of Secret CISO!
