Secret CISO 3/31: SMB Breaches, Cetera Data Breach, Anthropic's AI Leak, Cisco Source Code Theft, Axios npm Threat
Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges and breaches that are shaping the digital landscape. In this issue, we delve into the recurring vulnerabilities plaguing small and medium-sized businesses, as SonicWall's report reveals the seven deadly sins leading to repeat breaches. This underscores the vital role of managed security service providers in fortifying defenses.
Meanwhile, the legal landscape is shifting as Baker & Hostetler's report highlights a surge in data breach lawsuits and web tracking settlements, urging companies to bolster their data protection strategies. In a parallel narrative, Anthropic faces its second major security breach, leaking the source code of its AI tool, Claude Code, raising alarms about intellectual property security.
Adding to the list of high-profile breaches, Cetera's recent data compromise and Cisco's source code theft linked to a supply chain attack emphasize the persistent threats to sensitive financial and intellectual data. The discovery of a malicious package within the widely used Axios npm library further illustrates the pervasive risks in software development environments.
On a brighter note, Zcash developers have patched a critical vulnerability that once threatened millions of dollars in ZEC, showcasing the importance of swift action in cybersecurity. However, the lack of an enterprise kill switch in OpenClaw, with its 500,000 instances, remains a looming risk.
Finally, CrowdStrike's insights into the Kerberos relay attack via DNS CNAME abuse highlight the evolving tactics of cyber adversaries, reminding organizations of the need for constant vigilance and adaptation in their security measures.
Stay informed and stay secure with Secret CISO, where we connect the dots in the ever-evolving cybersecurity narrative.
Data Breaches
- The Seven Deadly Sins Behind Repeat SMB Breaches: SonicWall's latest security report highlights critical vulnerabilities and risks that small and medium-sized businesses (SMBs) face, emphasizing the importance of managed security service providers (MSSPs) and managed service providers (MSPs) in mitigating these threats. The report underscores the recurring mistakes that lead to repeated breaches in SMBs, urging a more proactive approach to cybersecurity. Source: MSSP Alert.
- Report Probes What Is Driving a Rapid Rise in Data Breach Suits and Web Tracking Settlements: A new report by Baker & Hostetler reveals a significant increase in data breach class actions and the resolution of web tracking and pixel cases. This trend indicates a growing legal focus on privacy violations and the need for companies to enhance their data protection measures to avoid costly settlements. Source: Law.com.
- Anthropic Leaks Its Own AI Coding Tool's Source Code in Second Major Security Breach: In a significant security lapse, Anthropic accidentally leaked the source code of its AI coding tool, Claude Code, marking the second major breach in a short period. The company is implementing measures to prevent future incidents, as the leak could potentially harm its competitive edge. Source: Fortune.
- $640bn Cetera Suffers Data Breach: Cetera, an independent brokerage firm, has informed its customers about a data breach that occurred last summer. This incident adds Cetera to the list of major firms experiencing data breaches, highlighting the ongoing challenges in securing sensitive financial data. Source: Citywire.
- Cisco Source Code Stolen in Trivy-Linked Dev Environment Breach: Security researchers have linked a breach involving the theft of Cisco's source code to the TeamPCP threat group. This supply chain attack underscores the vulnerabilities in development environments and the need for robust security measures to protect intellectual property. Source: Bleeping Computer.
Security Research
- Axios Compromise on npm Introduces Hidden Malicious Package: Sonatype's security research uncovered a malicious package hidden within the popular Axios npm library. This compromise poses a significant threat due to Axios's widespread use in web development, potentially allowing attackers to execute malicious code on numerous systems. Source: Sonatype.
- Zcash Vulnerability That Put Millions of Dollars of ZEC at Risk Has Been Fixed: A critical vulnerability in Zcash nodes was discovered, which allowed bypassing proof verification for the deprecated Sprout shielded pool. This flaw could have jeopardized millions of dollars in ZEC, but has since been patched by developers. Source: Decrypt.
- OpenClaw has 500,000 instances and no enterprise kill switch: Cato CTRL's security research highlighted the lack of an enterprise kill switch in OpenClaw, which has over 500,000 instances. This oversight could lead to significant security risks if exploited by malicious actors. Source: VentureBeat.
- Anthropic leaks its own AI coding tool's source code in second major security breach: Anthropic accidentally exposed hundreds of thousands of lines of its AI coding tool's source code. This breach provides researchers with insights into the company's upcoming models and internal architecture, raising concerns about intellectual property security. Source: Fortune.
- Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse: CrowdStrike's research into CVE-2026-20929 reveals a Kerberos relay attack exploiting DNS CNAME abuse. Understanding this vulnerability is crucial for organizations relying on Kerberos for authentication, as it highlights potential weaknesses in their security infrastructure. Source: CrowdStrike.
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic as ever. From the recurring vulnerabilities in SMBs to the legal ramifications of data breaches, and the startling security lapses in major tech firms, the need for vigilance and proactive measures has never been more critical.
Each story we shared today underscores the importance of staying informed and prepared. Whether it's understanding the legal landscape of data breaches, recognizing the threats posed by malicious packages in widely used libraries, or addressing vulnerabilities in your security infrastructure, knowledge is your first line of defense.
We hope you found today's insights valuable and thought-provoking. If you did, please consider sharing this newsletter with your friends and colleagues. Together, we can foster a community that is better equipped to tackle the ever-evolving challenges of cybersecurity.
Stay safe, stay informed, and see you in the next edition of Secret CISO!