Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges and breakthroughs. As the digital landscape continues to evolve, so do the threats and vulnerabilities that lurk within it. Today, we delve into a series of alarming data breaches, critical security flaws, and the relentless pursuit of cybercriminals.

First, we spotlight the looming deadline for filing claims in the $30 million settlement over the 23andMe data breach. This incident, rooted in a credential stuffing attack, serves as a stark reminder of the vulnerabilities in personal data protection. Meanwhile, the University of Phoenix grapples with a massive breach affecting 3.5 million individuals, sparking legal investigations and highlighting the pervasive nature of data security threats.

In the realm of AI, the Orchids platform faces scrutiny as significant security flaws are uncovered, posing risks to user data and operations. This discovery underscores the urgent need for robust security measures in AI technologies. Similarly, the exposure of malicious npm and PyPI packages linked to the notorious Lazarus APT group emphasizes the critical importance of vigilance in software supply chain security.

As we navigate these challenges, Cambodia's pledge to dismantle scam networks by April offers a glimmer of hope in the fight against cybercrime. This initiative could reshape the region's cybersecurity landscape, reinforcing national security and protecting citizens from digital threats.

On the technological front, Google Chrome's latest security update addresses 11 critical vulnerabilities, reinforcing the company's commitment to safeguarding user experiences. However, the revelation of multilingual prompt injection bypassing LLM safety nets calls for enhanced scrutiny and improvement of AI safety protocols.

Finally, we turn our attention to the automotive sector, where a series of vulnerabilities in the Nissan Leaf ZE1's infotainment system exposes potential risks of remote code execution and system control. These findings highlight the ongoing challenges in securing connected vehicles and the need for rigorous security assessments.

Stay informed, stay secure, and join us as we continue to explore the ever-evolving world of cybersecurity.

Data Breaches

1. 23andMe Data Breach Settlement Deadline Nears: The deadline to file a claim in the $30 million settlement over the 23andMe data breach is approaching. This breach involved a "credential stuffing attack" where hackers used login credentials to access user data. Impacted individuals in Alaska, California, Illinois, or Oregon are eligible to file claims. Source
2. University of Phoenix Data Breach Affects 3.5 Million: The University of Phoenix has confirmed a significant data breach impacting nearly 3.5 million people. This breach has prompted a securities class action investigation by a leading investor rights law firm. Affected individuals are encouraged to inquire about potential legal actions. Source
3. Security Flaws in Orchids AI Platform: The AI-assisted coding platform Orchids has been found to have significant security vulnerabilities. These flaws could allow attackers to easily compromise the platform, posing a risk to users' data and operations. This discovery highlights the need for robust security measures in AI platforms. Source
4. Malicious npm and PyPI Packages Linked to Lazarus APT: Security researchers have identified malicious npm and PyPI packages linked to the Lazarus APT group. These packages were part of a fake recruiter campaign, aiming to compromise systems and steal sensitive information. This incident underscores the importance of vigilance in software supply chain security. Source
5. Northstar Fertility Partners Data Breach Investigation: Edelson Lechtzin LLP is investigating claims on behalf of Northstar Fertility Partners clients whose data may have been compromised. Affected individuals are advised to take steps to protect themselves against identity theft and fraud. This breach highlights the ongoing risks to personal data in the healthcare sector. Source

Security Research

1. Risky Bulletin: Cambodia Promises to Dismantle Scam Networks by April
2. : Cambodia has pledged to dismantle scam networks by April, a move that could significantly impact the region's cybersecurity landscape. This initiative aims to tackle the growing issue of scam operations that have been exploiting digital vulnerabilities. The commitment is part of a broader effort to enhance national security and protect citizens from cyber threats. Source:
3. Risky Business
4. .
5. Is WhatsApp Actually Safe? What Cryptographers Say About Your Private Messages
6. : Cryptographers have raised concerns about the security of WhatsApp, suggesting that any secret reading of messages by Meta would require a visible flaw in the app's code. This highlights the importance of transparency and rigorous security research in maintaining user trust and privacy. The ongoing scrutiny underscores the need for robust encryption practices in messaging apps. Source:
7. Ubergizmo
8. .
9. Security Flaws Expose 'Vibe-Coding' AI Platform Orchids to Easy Hacking
10. : A cybersecurity researcher has identified significant security weaknesses in the 'vibe-coding' AI platform Orchids, which could allow malicious actors to breach accounts and manipulate data. This discovery emphasizes the critical need for thorough security assessments in AI platforms to prevent potential exploitation. The findings call for immediate action to bolster the platform's defenses. Source:
11. Digital Watch
12. .
13. Multilingual Prompt Injection Exposes Gaps in LLM Safety Nets
14. : A security researcher has demonstrated the ability to bypass multiple LLM runtime safeguards, including those of Azure Content, through multilingual prompt injection. This revelation exposes significant gaps in the safety nets of large language models, highlighting the need for more robust security measures to protect against such vulnerabilities. The incident calls for enhanced scrutiny and improvement of AI safety protocols. Source:
15. HackerNoon
16. .
17. Google Chrome 145 Security Update: Patch Addresses 11 Critical Vulnerabilities
18. : Google has released a security update for Chrome 145, addressing 11 critical vulnerabilities. This proactive measure underscores the company's commitment to security research and user protection. The update aims to prevent potential exploitation, ensuring a safer browsing experience for users worldwide. Source:
19. Rescana
20. .

Top CVEs

1. CVE-2025-32059: This vulnerability affects the Bluetooth stack in the Infotainment ECU developed by Alps Alpine and manufactured by Bosch. Due to improper boundary validation of user-supplied data, a stack-based buffer overflow can occur, allowing attackers to execute remote code with root privileges. This flaw was first identified in the Nissan Leaf ZE1 manufactured in 2020. Source: Vulners.
2. CVE-2025-32058: The Infotainment ECU by Bosch, using an RH850 module for CAN communication, is vulnerable due to a flaw in processing protocol requests. This allows attackers with code execution on the infotainment SoC to execute code on the RH850 module and send arbitrary CAN messages. This vulnerability was first identified in the Nissan Leaf ZE1 manufactured in 2020. Source: Vulners.
3. CVE-2025-32060: This system vulnerability arises from the absence of kernel module signature verification. If an attacker gains root-level command execution, they can load custom kernel modules, potentially taking control of the entire system. This flaw was first identified in the Nissan Leaf ZE1 manufactured in 2020. Source: Vulners.
4. CVE-2025-32063: A misconfiguration vulnerability in the Infotainment ECU by BOSCH occurs during the startup phase of a specific systemd service. This results in the unintended activation of developer features, such as a disabled firewall and an active SSH server. This issue was first identified in the Nissan Leaf ZE1 manufactured in 2020. Source: Vulners.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is as dynamic as ever. From looming settlement deadlines and massive data breaches to vulnerabilities in AI platforms and critical software updates, the cybersecurity world is constantly evolving. Each story serves as a reminder of the importance of staying informed and vigilant in protecting our digital lives.

Whether it's understanding the implications of a data breach, recognizing the significance of software updates, or staying ahead of potential threats, knowledge is our best defense. As we navigate these challenges together, let's continue to share insights and strategies that empower us to safeguard our digital environments.

If you found today's newsletter insightful, consider sharing it with your friends and colleagues. By spreading awareness, we can collectively enhance our security posture and foster a community that prioritizes digital safety. Until next time, stay secure and stay informed!