Secret CISO 3/31: SonicWall SMB Breaches, Anthropic AI Leak, Cisco Source Code Theft, Zcash Vulnerability Patched
Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges and triumphs shaping our digital landscape. As we close out March, today's stories weave a compelling narrative of vulnerabilities, breaches, and the relentless pursuit of security excellence.
We begin with SonicWall's revelation of the "Seven Deadly Sins" plaguing SMBs, a cautionary tale urging businesses to fortify their defenses against repeat breaches. Meanwhile, a surge in data breach lawsuits and web tracking settlements highlights the escalating legal stakes in data privacy, urging organizations to rethink their protection strategies.
In a dramatic turn, Anthropic finds itself in the spotlight again with a second major breach, leaking its AI coding tool's source code. This incident underscores the critical need for robust internal security protocols. Similarly, Cisco faces its own challenges as a supply chain attack exposes vulnerabilities in its development environment, emphasizing the importance of securing the software supply chain.
The financial sector isn't spared, as Cetera joins the ranks of breached institutions, reminding us of the ever-present threats to sensitive financial data. Meanwhile, the npm ecosystem faces a hidden threat with a malicious package introduced via the Axios library, spotlighting the vulnerabilities in open-source supply chains.
On a brighter note, Zcash developers have successfully patched a critical vulnerability that once threatened millions of dollars, showcasing the proactive measures needed to safeguard digital assets. Yet, the discovery of OpenClaw's lack of an enterprise kill switch serves as a stark reminder of the security risks in widely deployed systems.
Finally, we delve into the sophisticated realm of Kerberos relay attacks, as CrowdStrike's research sheds light on a DNS CNAME abuse vulnerability, urging the cybersecurity community to bolster defenses against such advanced threats.
Join us as we navigate these stories, each a chapter in the ongoing saga of cybersecurity, where vigilance and innovation are our greatest allies.
Data Breaches
- The Seven Deadly Sins Behind Repeat SMB Breaches: SonicWall's latest security report highlights critical vulnerabilities in SMBs, emphasizing the need for MSSPs and MSPs to address these issues. The report outlines common security missteps that lead to repeated breaches, urging businesses to adopt more robust security measures. Source: MSSP Alert
- Report Probes What Is Driving a Rapid Rise in Data Breach Suits and Web Tracking Settlements: A report by Baker & Hostetler reveals a surge in data breach class actions and settlements related to web tracking and pixel cases. This trend underscores the growing legal implications of data privacy violations and the need for organizations to enhance their data protection strategies. Source: Law.com
- Anthropic Leaks Its Own AI Coding Tool's Source Code in Second Major Security Breach: Anthropic has experienced a significant security breach, leaking the source code of its AI coding tool. This incident, following a recent accidental data exposure, highlights the critical need for improved internal security protocols to prevent future breaches. Source: Fortune
- $640bn Cetera Suffers Data Breach: Cetera, a major independent brokerage firm, has notified customers of a data breach that occurred last summer. This breach adds Cetera to the list of significant financial institutions facing data security challenges, emphasizing the importance of robust cybersecurity measures. Source: Citywire
- Cisco Source Code Stolen in Trivy-Linked Dev Environment Breach: Security researchers have linked a supply chain attack on Cisco to the TeamPCP threat group. The breach involved the theft of Cisco's source code, highlighting vulnerabilities in development environments and the need for enhanced security measures. Source: Bleeping Computer
Security Research
- Axios Compromise on npm Introduces Hidden Malicious Package: Sonatype's security research uncovered a malicious package introduced into the npm ecosystem via the Axios library. This compromise highlights the vulnerabilities in open-source supply chains, emphasizing the need for vigilant monitoring and security practices. Source: Sonatype.
- Zcash Vulnerability That Put Millions of Dollars of ZEC at Risk Has Been Fixed: A critical vulnerability in Zcash nodes was discovered, which allowed bypassing proof verification for the deprecated Sprout shielded pool. This flaw, if exploited, could have put millions of dollars at risk, but has since been patched by developers. Source: Decrypt.
- OpenClaw has 500,000 instances and no enterprise kill switch: Cato CTRL's security research revealed that OpenClaw, with over 500,000 instances, lacks an enterprise kill switch, posing significant security risks. This finding underscores the importance of robust security controls in widely deployed software systems. Source: VentureBeat.
- Anthropic leaks its own AI coding tool's source code in second major security breach: In a significant security lapse, Anthropic accidentally exposed hundreds of thousands of lines of its AI coding tool's source code. This breach provides researchers with insights into upcoming models and internal architecture, raising concerns about data security practices. Source: Fortune.
- Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse: CrowdStrike's research into CVE-2026-20929 highlights a Kerberos relay attack that exploits DNS CNAME abuse. Understanding this vulnerability requires familiarity with prior Kerberos relay research, and the finding emphasizes the need for comprehensive security measures against such sophisticated attacks. Source: CrowdStrike.
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic and challenging as ever. From the seven deadly sins of SMB breaches to the intricate vulnerabilities in open-source supply chains, each story serves as a reminder of the critical importance of robust security measures and vigilant monitoring.
Whether it's the legal implications of data breaches, the internal security lapses at major firms, or the sophisticated attacks exploiting system vulnerabilities, the need for comprehensive cybersecurity strategies is undeniable. These stories not only highlight the challenges but also the opportunities for improvement and innovation in our security practices.
If you found today's insights valuable, please consider sharing this newsletter with your friends and colleagues. Together, we can foster a more informed and secure digital community. Stay vigilant, stay informed, and we'll see you in the next edition of Secret CISO.