Secret CISO 3/31: SonicWall SMB Breaches, Anthropic AI Leak, Cetera Data Breach, Cisco Source Code Theft - A Tale of Vulnerabilities and the Need for Stronger Security Measures
Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges facing businesses and organizations worldwide. Our stories today weave a narrative of vulnerabilities, breaches, and the relentless pursuit of security in an ever-evolving digital landscape.
We begin with SonicWall's revelation of the "Seven Deadly Sins" plaguing SMBs, urging a call to action for MSSPs and MSPs to fortify defenses against repeat breaches. Meanwhile, a surge in data breach lawsuits and web tracking settlements, as reported by Baker & Hostetler, signals a growing awareness and regulatory pressure on data privacy practices.
In a dramatic twist, Anthropic finds itself in the spotlight again with a second major security lapse, this time exposing the source code of its own AI coding tool, Claude Code. The incident raises alarms about how well proprietary AI technology is protected, echoing the broader theme of vulnerability in today's tech-driven world.
The financial sector isn't spared, as Cetera joins the ranks of firms grappling with data breaches, while Cisco faces a supply chain attack linked to the TeamPCP threat group, exposing the fragility of development environments.
Open-source software isn't immune either: Sonatype uncovered a compromise of the popular Axios package on npm that introduced a hidden malicious package. The discovery underscores the critical need for vigilance in software supply chains.
Cryptocurrency systems also face scrutiny, as a patched Zcash vulnerability reminds us of the constant need for security assessments. Meanwhile, the widespread use of OpenClaw without an enterprise kill switch poses significant risks, highlighting the challenges of controlling potentially compromised tools.
Finally, CrowdStrike's research into detecting a Kerberos relay attack that abuses DNS CNAME records serves as a stark reminder that DNS records are part of the authentication trust chain and deserve the same scrutiny as the directory itself.
Join us as we delve deeper into these stories, exploring the lessons learned and the steps necessary to safeguard against the ever-present threats in our digital world.
Data Breaches
- The Seven Deadly Sins Behind Repeat SMB Breaches: SonicWall's latest security report identifies seven recurring security missteps behind repeat breaches at SMBs and urges Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs) to address them with their customers. The report presents these common mistakes as the reason the same businesses get breached again, and calls for more robust security measures. Source: MSSP Alert
- Report Probes What Is Driving a Rapid Rise in Data Breach Suits and Web Tracking Settlements: A new report by Baker & Hostetler reveals a significant increase in data breach class actions and settlements related to web tracking and pixel cases. The report suggests that this trend is driven by heightened awareness and regulatory scrutiny, pushing organizations to reassess their data privacy practices. Source: Law.com
- Anthropic Leaks Its Own AI Coding Tool's Source Code in Second Major Security Breach: Anthropic has suffered a second major security lapse, accidentally exposing the source code of its AI coding tool, Claude Code. The exposed code offers insights into upcoming models and internal architecture, which could have significant implications for the company's operations and competitive edge; Anthropic says it is implementing new measures to prevent a repeat. Source: Fortune
- $640bn Cetera Suffers Data Breach: Cetera, an independent brokerage firm, has notified customers of a data breach that occurred last summer. This incident adds Cetera to the growing list of major firms facing data security challenges, highlighting the ongoing risks in the financial sector. Source: Citywire
- Cisco Source Code Stolen in Trivy-Linked Dev Environment Breach: Security researchers have linked a supply chain attack on Cisco, in which source code was stolen from a development environment, to the TeamPCP threat group and its "TeamPCP Cloud Stealer" tool. The breach underscores how exposed development environments are and the need for stronger controls around them. Source: Bleeping Computer
Security Research
- Axios Compromise on npm Introduces Hidden Malicious Package: Sonatype's security research uncovered a compromise of the popular Axios package on npm that was used to introduce a hidden malicious package into the ecosystem. Because Axios sits in the dependency tree of a very large number of projects, the incident highlights how a single compromised upstream package can reach downstream consumers, and the need for vigilant monitoring of what a dependency update actually pulls in. Source: Sonatype.
- Zcash Vulnerability That Put Millions of Dollars of ZEC at Risk Has Been Fixed: A critical vulnerability in Zcash nodes allowed proof verification to be bypassed for the deprecated Sprout shielded pool, putting millions of dollars of ZEC at risk. The flaw has since been patched, underscoring that deprecated code paths still need continuous security assessment as long as nodes keep running them. Source: Decrypt.
- OpenClaw has 500,000 instances and no enterprise kill switch: Security researcher Vitaly Simonovich documented the widespread use of OpenClaw, a tool running on more than 500,000 instances with no enterprise-level kill switch. That is a significant risk, because organizations would have no central way to disable or contain the tool if it were compromised. Source: VentureBeat.
- Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse: CrowdStrike's research into CVE-2026-20929 describes a Kerberos relay attack that abuses DNS CNAME records, and how to detect it. The work emphasizes that DNS records feed directly into Kerberos authentication in enterprise environments, so controlling who can create or modify them is part of protecting the directory. Source: CrowdStrike.
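The Axios item above comes down to one question a reviewer should be able to answer before merging a dependency bump: what new packages did this update pull in, where do their tarballs come from, and do any of them run install scripts? The following is an added example written for this newsletter, not code from Sonatype or from the Axios project, and it makes no claim about how the real Axios compromise was carried out. It diffs two npm lockfiles (lockfileVersion 2 or 3, which carry the `packages` map and the real `hasInstallScript` and `resolved` fields) and flags a newly introduced dependency. Both lockfiles are constructed inline; the package `example-helper`, its version, its host `cdn.example.invalid` and every other value in them are made up.

```python
import json
from urllib.parse import urlparse

# Constructed sample lockfiles in npm's lockfileVersion 3 layout. Every package
# name, version, URL and field value below is made up for illustration and does
# NOT describe the actual Axios incident.
BASELINE_LOCK = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "dependencies": {"axios": "^1.6.0"}},
        "node_modules/axios": {
            "version": "1.6.0",
            "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz",
            "dependencies": {"follow-redirects": "^1.15.0"},
        },
        "node_modules/follow-redirects": {
            "version": "1.15.0",
            "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.0.tgz",
        },
    },
})

NEW_LOCK = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "dependencies": {"axios": "^1.6.0"}},
        "node_modules/axios": {
            "version": "1.6.1",
            "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz",
            "dependencies": {"follow-redirects": "^1.15.0", "example-helper": "0.0.1"},
        },
        "node_modules/follow-redirects": {
            "version": "1.15.0",
            "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.0.tgz",
        },
        # Hypothetical newcomer: runs an install script and is fetched from a
        # host other than the public registry. Both are made-up red flags.
        "node_modules/example-helper": {
            "version": "0.0.1",
            "resolved": "https://cdn.example.invalid/example-helper-0.0.1.tgz",
            "hasInstallScript": True,
        },
    },
})

# Hosts a tarball may legitimately be fetched from; add a private registry here if you run one.
TRUSTED_HOSTS = {"registry.npmjs.org"}


def load_packages(lock_text):
    """Map each node_modules path in a v2/v3 lockfile to the fields we audit."""
    lock = json.loads(lock_text)
    if lock.get("lockfileVersion", 1) < 2:
        raise ValueError("lockfileVersion >= 2 required: v1 files have no 'packages' map")
    pkgs = {}
    for path, meta in lock["packages"].items():
        if path == "":
            continue  # the root project entry, not a dependency
        pkgs[path] = {
            "name": path.rsplit("node_modules/", 1)[1],  # handles nested node_modules paths
            "version": meta.get("version"),
            "resolved": meta.get("resolved", ""),
            "has_install_script": bool(meta.get("hasInstallScript", False)),
        }
    return pkgs


def diff_locks(baseline_text, new_text):
    """Return packages added, removed, or version-changed between two lockfiles."""
    base, new = load_packages(baseline_text), load_packages(new_text)
    return {
        "added": [new[p] for p in new if p not in base],
        "removed": [base[p] for p in base if p not in new],
        "changed": [(base[p], new[p]) for p in new
                    if p in base and base[p]["version"] != new[p]["version"]],
    }


def review(baseline_text, new_text):
    """Turn the diff into findings; anything under 'block' should hold the merge for a human."""
    d = diff_locks(baseline_text, new_text)
    block, notice = [], []
    for pkg in d["added"]:
        host = urlparse(pkg["resolved"]).hostname or ""
        if host not in TRUSTED_HOSTS:
            block.append(f"{pkg['name']}@{pkg['version']} resolves to untrusted host {host!r}")
        if pkg["has_install_script"]:
            block.append(f"{pkg['name']}@{pkg['version']} is new and runs an install script")
        notice.append(f"new dependency {pkg['name']}@{pkg['version']}")
    for old, cur in d["changed"]:
        notice.append(f"{old['name']} {old['version']} -> {cur['version']}")
    for pkg in d["removed"]:
        notice.append(f"removed {pkg['name']}@{pkg['version']}")
    return {"block": block, "notice": notice}


if __name__ == "__main__":
    for level, lines in review(BASELINE_LOCK, NEW_LOCK).items():
        for line in lines:
            print(f"[{level}] {line}")
```

In a real pipeline the two inputs are the `package-lock.json` on the main branch and the one in the pull request, and the `block` list is what a CI job fails on. A version bump of a direct dependency is routine; a new transitive package that arrives with an install script, or whose tarball is served from somewhere other than the registry you trust, is exactly the kind of change that should not merge on autopilot.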
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is fraught with challenges and opportunities. From the vulnerabilities plaguing SMBs to the rising tide of data breach lawsuits, each story serves as a reminder of the critical importance of robust cybersecurity measures. Whether it's the accidental exposure of AI source code or the stealthy introduction of malicious packages, the need for vigilance and proactive defense strategies has never been more pressing.
We hope these insights empower you to fortify your defenses and stay ahead of potential threats. Remember, cybersecurity is a shared responsibility, and knowledge is our most powerful tool. If you found today's newsletter valuable, please consider sharing it with your friends and colleagues. Together, we can build a more secure digital world.
Thank you for being a part of our community. Stay safe, stay informed, and we'll see you in the next edition of Secret CISO!