Secret CISO 3/31: SonicWall SMB Sins, Anthropic AI Leak, Cisco Source Code Theft, Zcash Fixes Critical Flaw

Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges that have surfaced across various sectors. From the persistent vulnerabilities plaguing small and medium-sized businesses to the alarming rise in data breach lawsuits, today's stories paint a vivid picture of the evolving threat landscape.

We begin with SonicWall's revelation of the 'Seven Deadly Sins' that continue to haunt SMBs, emphasizing the crucial role of managed service providers in fortifying defenses. Meanwhile, a surge in data breach class actions and web tracking settlements signals a growing legal focus on privacy violations, urging organizations to bolster their data protection strategies.

In the realm of AI, Anthropic's accidental leak of its AI coding tool's source code highlights the security challenges in AI development, while Cisco grapples with a supply chain attack that compromised its source code, underscoring the vulnerabilities in development environments.

Financial institutions aren't spared either, as Cetera joins the list of major firms hit by data breaches, and the open-source community faces its own trials with a malicious package targeting the popular Axios library.

Finally, we delve into the technical intricacies of a Kerberos relay attack exploiting DNS CNAME abuse, as well as the critical Zcash vulnerability that put millions at risk, both serving as stark reminders of the need for vigilant security measures.

Join us as we navigate these pressing issues, offering insights and strategies to safeguard your organization in an increasingly perilous digital world.

Data Breaches

  1. The Seven Deadly Sins Behind Repeat SMB Breaches: SonicWall's latest security report highlights critical vulnerabilities and risks that small and medium-sized businesses (SMBs) face. The report emphasizes the importance of managed security service providers (MSSPs) and managed service providers (MSPs) in addressing these persistent security challenges. Source: MSSP Alert.
  2. Report Probes What Is Driving a Rapid Rise in Data Breach Suits and Web Tracking Settlements: A new report by Baker & Hostetler reveals a significant increase in data breach class actions and settlements related to web tracking and pixel cases. The findings suggest a growing legal focus on privacy violations and the need for organizations to enhance their data protection measures. Source: Law.com.
  3. Anthropic Leaks Its Own AI Coding Tool's Source Code in Second Major Security Breach: Anthropic, an AI research company, accidentally leaked the source code of its AI coding tool, Claude Code, marking its second major security lapse in a short period. The company is implementing measures to prevent future incidents, highlighting the challenges of maintaining security in AI development. Source: Fortune.
  4. $640bn Cetera Suffers Data Breach: Cetera, an independent brokerage firm, has informed its customers about a data breach that occurred last summer. This incident adds Cetera to the list of major firms experiencing data breaches, underscoring the ongoing threat to financial institutions. Source: Citywire.
  5. Cisco Source Code Stolen in Trivy-Linked Dev Environment Breach: Security researchers have linked a supply chain attack involving the theft of Cisco's source code to the TeamPCP threat group. The breach highlights the vulnerabilities in development environments and the need for robust security measures to protect intellectual property. Source: Bleeping Computer.

Security Research

  1. Axios Compromise on npm Introduces Hidden Malicious Package: Sonatype's security research uncovered a malicious package within the npm ecosystem, specifically targeting the Axios library. This compromise highlights the vulnerabilities in open-source software supply chains, emphasizing the need for vigilant monitoring and security measures. Source: Sonatype.
  2. Zcash Vulnerability That Put Millions of Dollars of ZEC at Risk Has Been Fixed: A critical vulnerability discovered in Zcash nodes allowed proof verification to be bypassed for the deprecated Sprout shielded pool. The flaw could have jeopardized millions of dollars, but it has since been patched, ensuring the security of Zcash transactions. Source: Decrypt.
  3. OpenClaw has 500,000 instances and no enterprise kill switch: Cato CTRL's security research revealed that OpenClaw, a widely deployed software, lacks an enterprise kill switch, posing significant risks. With 500,000 instances in operation, the absence of a centralized control mechanism could lead to widespread vulnerabilities. Source: VentureBeat.
  4. Anthropic leaks its own AI coding tool's source code in second major security breach: In a significant security lapse, Anthropic accidentally exposed hundreds of thousands of lines of its AI coding tool's source code. This breach provides researchers with insights into upcoming models and internal architecture, raising concerns about data protection practices. Source: Fortune.
  5. Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse: CrowdStrike's research into CVE-2026-20929 sheds light on a Kerberos relay attack exploiting DNS CNAME abuse. This vulnerability underscores the need for robust security measures to protect against sophisticated relay attacks in network environments. Source: CrowdStrike.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic as ever. From the persistent vulnerabilities plaguing SMBs to the legal ramifications of data breaches and the challenges of securing AI development, the stories we've covered today highlight the critical importance of staying informed and vigilant.

Whether it's the accidental leaks at Anthropic or the sophisticated attacks on Cisco's development environments, each incident serves as a reminder of the evolving threats we face. The need for robust security measures and proactive strategies has never been more pressing.

We hope you found today's insights valuable and thought-provoking. If you did, please consider sharing this newsletter with your friends and colleagues. By spreading awareness, we can collectively strengthen our defenses and foster a more secure digital world.

Thank you for being a part of our community. Stay safe, stay informed, and we'll see you in the next edition of Secret CISO.
