Secret CISO 12/13: Boise Co-op, LastPass, Home Depot, ConsentFix - A Web of Breaches and Vulnerabilities Unraveled


Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges that unfolded on December 13th. Today's narrative weaves through a series of alarming data breaches, critical vulnerabilities, and the relentless pursuit of digital security.

We begin with the Boise Co-op, where an ongoing investigation by Strauss Borrelli PLLC seeks to uncover the depths of a data breach that has left customer data exposed. This echoes the recent woes of LastPass, which faced a hefty ICO fine for a 2022 breach affecting 1.6 million users, spotlighting the dire consequences of inadequate security measures.

In a similar vein, the Deschutes Public Library was forced to shut its doors temporarily due to a breach that crippled its communication systems, while a flaw in Windows Defender Firewall exposed sensitive memory, reminding us of the critical need for regular updates.

Meanwhile, Home Depot's internal systems were left vulnerable for a year due to leaked credentials, and Notepad++ has patched updater bugs that previously allowed malicious hijacking. These incidents underscore the importance of vigilance in software security.

On the horizon, the ConsentFix attack is exploiting Azure CLI to compromise Microsoft accounts, and supply chain attacks targeting GitHub Actions are on the rise, highlighting the evolving threats in cloud and development environments.

Finally, we delve into the latest vulnerabilities, including a critical flaw in Node-SAML and high-severity issues in Google Chrome, urging users to update and protect their systems against potential exploits.

Stay informed, stay secure, and join us as we navigate the ever-changing landscape of cybersecurity.

Data Breaches

  1. Boise Co-op Data Breach Investigation: Strauss Borrelli PLLC is investigating a data breach at Boise Consumer Cooperative, Inc., which has raised concerns about the security of customer data. The investigation aims to determine the extent of the breach and its impact on consumers. Source: Strauss Borrelli PLLC.
  2. LastPass hit with ICO fine after 2022 data breach exposed 1.6 million users: LastPass faced a significant fine from the ICO due to a 2022 data breach that compromised the data of 1.6 million users. The company was criticized for not having robust security measures in place to prevent such an incident. Source: ITPro.
  3. Deschutes Public Library shuts down following data breach: A data breach at the Deschutes Public Library led to the closure of all its locations over a weekend. The breach affected the library's communications systems, prompting immediate action to secure the network. Source: Bend Bulletin.
  4. Windows Defender Firewall Bug Leaks Sensitive Memory: A flaw in Windows Defender Firewall allowed attackers to access sensitive memory, highlighting how even low-severity bugs can lead to significant data exposure. This vulnerability underscores the importance of regular security updates. Source: eSecurity Planet.
  5. First Baptist Church of Glenarden International Data Breach Investigation: Strauss Borrelli PLLC is investigating a data breach at the First Baptist Church of Glenarden International. The investigation seeks to understand the breach's impact and ensure affected individuals are informed. Source: Strauss Borrelli PLLC.

Security Research

  1. Leaked Home Depot credential exposed internal systems for a year: A security researcher discovered a leaked GitHub access token that granted write permissions to Home Depot's private repositories and other internal systems. The exposure went unnoticed for a year, pointing to a significant gap in secret management and monitoring. Source: CSO Online.
  2. Notepad++ fixed updater bugs that allowed malicious update hijacking: Notepad++ addressed vulnerabilities in its updater that could allow attackers to hijack updates and install malware. Multiple organizations reported security incidents resulting from this flaw. Source: Security Affairs.
  3. ConsentFix Attack Lets Hackers Take Over Microsoft Accounts via Azure CLI: Security researchers at Push Security uncovered a phishing campaign named "ConsentFix" that abuses Azure CLI to compromise Microsoft accounts. This sophisticated attack highlights the need for robust consent and identity controls in cloud environments. Source: Cyber Press.
  4. Supply Chain Attacks Targeting GitHub Actions Increased in 2025: Security researchers observed a rise in supply chain attacks targeting GitHub Actions and described how threat intelligence is being used to respond to them. This trend underscores the growing risk of supply chain vulnerabilities in software development. Source: Dark Reading.
  5. React2Shell Exploits Flood the Internet as Attacks Continue: React2Shell exploits are being used in a growing number of attacks, with Trend Micro researchers warning that existing defenses may give a false sense of security. This highlights the ongoing challenges in securing web applications. Source: Dark Reading.

Top CVEs

  1. CVE-2025-54369: Node-SAML, a SAML library for Node, has a vulnerability in versions 5.0.1 and below where it loads assertions from the unsigned original response document. This flaw allows attackers to modify authentication details within a valid SAML assertion, such as altering the username. The issue is resolved in version 5.1.0. Source: Vulners.
  2. CVE-2025-14174: A vulnerability in ANGLE in Google Chrome on Mac, prior to version 143.0.7499.110, allows remote attackers to perform out-of-bounds memory access via a crafted HTML page. This issue has been classified with high severity by Chromium security. Source: Vulners.
  3. CVE-2025-14372: A use-after-free vulnerability in the Password Manager of Google Chrome, prior to version 143.0.7499.110, could allow a remote attacker to perform a sandbox escape via a crafted HTML page. This vulnerability is rated with medium severity. Source: Vulners.
  4. CVE-2025-23408: Apache Fineract has a vulnerability due to weak password requirements, affecting versions up to 1.10.1. Users are advised to upgrade to version 1.11.0 or the latest release, 1.13.0, to mitigate this issue. Source: Vulners.
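The Node-SAML item above describes a verification pattern worth seeing in code: a library that checks the signature correctly but then pulls the assertion (and the username inside it) from the original, unsigned response document, so an extra assertion placed in front of the signed one is the one that gets used. The following is an added, simplified model written for this newsletter; it is not Node-SAML's code and does not reproduce its internals. It stands in a toy HMAC "Signature" element for real XML-DSig, and the key, element names and sample assertions are all constructed for the demonstration.

```python
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed stand-in for the IdP's signing key. A real deployment verifies
# XML-DSig with the IdP's public key; a shared HMAC secret is used here only
# so the example runs offline.
IDP_KEY = b"constructed-demo-key"

# Constructed sample assertions. Only the first one is ever signed.
LEGIT_ASSERTION = '<Assertion ID="a1"><NameID>alice</NameID></Assertion>'
INJECTED_ASSERTION = '<Assertion ID="a2"><NameID>admin</NameID></Assertion>'


def canonical(elem):
    """Serialize one element without its tail so signing and verifying see identical bytes."""
    clone = copy.deepcopy(elem)
    clone.tail = None
    return ET.tostring(clone, encoding="utf-8")


def toy_signature(assertion_elem):
    """HMAC over the canonical assertion bytes; plays the role of the IdP's XML signature."""
    return hmac.new(IDP_KEY, canonical(assertion_elem), hashlib.sha256).hexdigest()


def build_response(extra_xml=""):
    """Build a constructed Response whose Signature covers only the assertion with ID a1."""
    sig = toy_signature(ET.fromstring(LEGIT_ASSERTION))
    return f'<Response><Signature ref="a1">{sig}</Signature>{extra_xml}{LEGIT_ASSERTION}</Response>'


def verify_signed_assertion(root):
    """Return the Assertion element the Signature actually covers, or raise ValueError."""
    sig = root.find("Signature")
    if sig is None:
        raise ValueError("no signature")
    ref = sig.get("ref")
    # Compare IDs explicitly rather than interpolating untrusted input into an XPath.
    signed = [a for a in root.iter("Assertion") if a.get("ID") == ref]
    if len(signed) != 1:
        raise ValueError("signed assertion not found")
    if not hmac.compare_digest(sig.text or "", toy_signature(signed[0])):
        raise ValueError("bad signature")
    return signed[0]


def vulnerable_username(response_xml):
    """Verifies the signature, then reads the username from the original document (the defect)."""
    root = ET.fromstring(response_xml)
    verify_signed_assertion(root)        # passes: the signed assertion itself is intact
    first = root.find(".//Assertion")    # defect: first assertion in document order, signed or not
    return first.findtext("NameID")


def hardened_username(response_xml):
    """Reads the username only from the verified element and refuses extra assertions."""
    root = ET.fromstring(response_xml)
    signed = verify_signed_assertion(root)
    if len(list(root.iter("Assertion"))) != 1:
        raise ValueError("unexpected extra assertion")
    return signed.findtext("NameID")


if __name__ == "__main__":
    clean = build_response()
    tampered = build_response(INJECTED_ASSERTION)
    print(vulnerable_username(clean), hardened_username(clean))  # alice alice
    print(vulnerable_username(tampered))                         # admin: signature passed, wrong user used
    try:
        hardened_username(tampered)
    except ValueError as err:
        print("hardened verifier rejects:", err)
```

The defensive point is the last function: whatever the signature check returns is the only data that may feed authentication, and a response carrying more assertions than were signed is rejected outright rather than searched for a usable one. That is the same class of fix a library upgrade delivers, and it is also a useful review question for any in-house SAML or JWT handling: after verification, where does the identity actually come from?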

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is ever-evolving, with new challenges emerging at every turn. From the Boise Co-op data breach investigation to the vulnerabilities in widely-used software like Windows Defender and Node-SAML, the importance of robust cybersecurity measures cannot be overstated. Each story serves as a reminder of the vigilance required to protect sensitive information and maintain trust in our digital interactions.

Whether it's the significant fine imposed on LastPass or the sophisticated ConsentFix attack targeting Microsoft accounts, these incidents highlight the critical need for ongoing security assessments and updates. The rise in supply chain attacks and the persistent threat of exploits like React2Shell further emphasize the necessity for comprehensive security strategies that adapt to new threats.

We hope you found today's insights valuable and informative. If you did, please consider sharing this newsletter with your friends and colleagues. By spreading awareness and knowledge, we can collectively strengthen our defenses against cyber threats. Stay vigilant, stay informed, and we'll see you in the next edition of Secret CISO.
