Secret CISO 3/31: SonicWall SMB Sins, Anthropic AI Leak, Cisco Source Code Theft, Zcash Fixes Flaw
Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges that define our digital landscape. In this issue, we delve into the persistent vulnerabilities plaguing small and medium-sized businesses, as SonicWall's report exposes the 'Seven Deadly Sins' that leave them open to repeat breaches. The urgency for MSSPs and MSPs to step up has never been clearer.
Meanwhile, the legal world is abuzz with a surge in data breach lawsuits and settlements, as Baker & Hostetler's report highlights the growing scrutiny on privacy violations and web tracking technologies. This legal momentum underscores the critical need for robust privacy measures.
In a dramatic twist, Anthropic finds itself in the spotlight again with a second major security breach, leaking its AI coding tool's source code. This incident raises serious questions about internal security protocols and the safeguarding of intellectual property.
Financial giant Cetera joins the ranks of breached institutions, notifying customers of a data breach that underscores the ongoing vulnerabilities within the financial sector. Similarly, Cisco faces a sophisticated supply chain attack, with its source code stolen, highlighting the relentless threat of cyberattacks on development environments.
As we navigate these turbulent waters, the discovery of a malicious package within the npm ecosystem targeting Axios, and the patched vulnerability in Zcash, remind us of the critical importance of vigilance in open-source and cryptocurrency networks.
Finally, we explore the widespread deployment of OpenClaw without an enterprise kill switch, and the evolving threat landscape with CrowdStrike's insights into Kerberos relay attacks. Each story weaves into a larger narrative of the ceaseless battle for cybersecurity resilience.
Stay informed, stay secure, and join us as we continue to uncover the secrets of the cybersecurity world.
Data Breaches
- The Seven Deadly Sins Behind Repeat SMB Breaches: SonicWall's latest security report highlights critical vulnerabilities in SMBs, emphasizing the urgent need for Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs) to address these weaknesses. The report identifies recurring security lapses that leave small and medium-sized businesses exposed to cyber threats. Source: MSSP Alert.
- Report Probes What Is Driving a Rapid Rise in Data Breach Suits and Web Tracking Settlements: A new report by Baker & Hostetler reveals a surge in data breach class actions and settlements related to web tracking and pixel cases. The findings suggest an increasing legal focus on privacy violations and the implications of digital tracking technologies. Source: Law.com.
- Anthropic Leaks Its Own AI Coding Tool's Source Code in Second Major Security Breach: Anthropic has experienced a significant security breach, leaking the source code of its AI coding tool. This incident follows a previous accidental revelation, raising concerns about the company's internal security measures. Source: Fortune.
- $640bn Cetera Suffers Data Breach: Cetera, a major independent brokerage firm, has notified customers of a data breach that occurred last summer. This incident adds Cetera to the list of significant financial institutions affected by data breaches, highlighting ongoing vulnerabilities in the sector. Source: Citywire.
- Cisco Source Code Stolen in Trivy-Linked Dev Environment Breach: Security researchers have linked a supply chain attack on Cisco to the TeamPCP threat group. The breach involved the theft of Cisco's source code, underscoring the persistent threat of sophisticated cyberattacks targeting development environments. Source: Bleeping Computer.
Security Research
- Axios Compromise on npm Introduces Hidden Malicious Package: Sonatype's security research uncovered a malicious package within the npm ecosystem, specifically targeting the Axios library. This compromise involved the introduction of hidden malware, posing significant risks to developers and applications relying on Axios. The incident highlights the vulnerabilities within open-source software supply chains and the need for vigilant security practices. Source: Sonatype.
- Zcash Vulnerability That Put Millions of Dollars of ZEC at Risk Has Been Fixed: A critical vulnerability in Zcash nodes was discovered that allowed proof verification to be bypassed for the deprecated Sprout shielded pool. This flaw could have put millions of dollars at risk, but it has since been patched by Zcash developers. The incident underscores the importance of continuous security audits in cryptocurrency networks. Source: Decrypt.
- OpenClaw has 500,000 instances and no enterprise kill switch: Security researcher Vitaly Simonovich documented the widespread deployment of OpenClaw, a tool with over 500,000 instances but lacking an enterprise-level kill switch. This poses a significant security risk as it could lead to uncontrolled data exposure or misuse. The situation calls for improved security measures and management controls in widely deployed software tools. Source: VentureBeat.
- Anthropic leaks its own AI coding tool's source code in second major security breach: Anthropic experienced a significant security breach, accidentally exposing hundreds of thousands of lines of its AI coding tool's source code. This leak provides researchers with insights into upcoming models and internal architecture, raising concerns about intellectual property protection and the security of proprietary AI technologies. Source: Fortune.
- Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse: CrowdStrike's research delves into CVE-2026-20929, a vulnerability involving Kerberos relay attacks through DNS CNAME abuse. Understanding this vulnerability requires context from previous Kerberos relay research. The case highlights the evolving nature of attack vectors and the need for robust security defenses against such sophisticated threats. Source: CrowdStrike.
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic and challenging as ever. From the recurring vulnerabilities in SMBs to the sophisticated breaches affecting major corporations and open-source ecosystems, the need for vigilant security practices is undeniable. Each story we shared today underscores the importance of staying informed and proactive in defending against cyber threats.
We hope you found these insights valuable and that they help you navigate the complex world of cybersecurity with greater confidence. Remember, knowledge is power, and sharing it can make a difference. If you found today's newsletter helpful, please consider sharing it with your friends and colleagues. Together, we can build a more secure digital future.
Thank you for being a part of our community. Stay safe, stay informed, and we'll see you in the next edition of Secret CISO!