Secret CISO 3/31: SonicWall SMB Sins, Anthropic's AI Leak, Cisco Source Code Theft, Zcash Vulnerability Patched

Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity challenges facing organizations worldwide. Our journey begins with SonicWall's revelation of the "Seven Deadly Sins" plaguing SMBs, a cautionary tale urging businesses to fortify their defenses with the help of MSSPs and MSPs.

As we navigate the legal landscape, Baker & Hostetler's report highlights a surge in data breach lawsuits and web tracking settlements, signaling a pivotal shift in how companies must approach data privacy and compliance.

In a dramatic twist, Anthropic finds itself in the spotlight once again, grappling with a second major breach involving its AI coding tool, Claude Code. This incident underscores the critical need for robust internal security protocols.

Meanwhile, the financial sector is not spared, as Cetera discloses a data breach, joining a growing list of financial institutions facing similar threats. The saga continues with Cisco, whose source code theft linked to a supply chain attack raises alarms about vulnerabilities in software development environments.

Our story takes a darker turn with the discovery of a malicious package within the popular Axios npm library, a stark reminder of the threats lurking in open-source software. Yet, hope prevails as Zcash successfully patches a vulnerability that once threatened millions of dollars in ZEC.

As we conclude, we delve into the world of OpenClaw, where the absence of an enterprise kill switch poses significant risks, and CrowdStrike's research into a Kerberos relay attack via DNS CNAME abuse, highlighting the ever-evolving nature of cyber threats.

Join us as we explore these unfolding narratives, each a chapter in the ongoing saga of cybersecurity. Stay vigilant, stay informed, and remember, in the world of cybersecurity, knowledge is your greatest ally.

Data Breaches

  1. The Seven Deadly Sins Behind Repeat SMB Breaches: SonicWall's latest security report highlights critical vulnerabilities in SMBs, emphasizing the urgent need for Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs) to address these gaps. The report identifies recurring security missteps that leave SMBs exposed to cyber threats. Source: MSSP Alert
  2. Report Probes What Is Driving a Rapid Rise in Data Breach Suits and Web Tracking Settlements: A new report by Baker & Hostetler reveals a significant increase in data breach class actions and settlements related to web tracking and pixel cases. The findings suggest a growing legal landscape around data privacy and security breaches, prompting organizations to reassess their compliance strategies. Source: Law.com
  3. Anthropic leaks its own AI coding tool's source code in second major security breach: In a significant security lapse, Anthropic accidentally leaked the source code of its AI coding tool, Claude Code. This incident marks the second major breach for the company in a short span, raising concerns about internal security protocols. Source: Fortune
  4. $640bn Cetera suffers data breach: Cetera, a major independent brokerage firm, has disclosed a data breach that occurred last summer. The firm is currently notifying affected customers, joining a list of significant financial institutions that have recently faced similar security challenges. Source: Citywire
  5. Cisco source code stolen in Trivy-linked dev environment breach: Security researchers have linked a supply chain attack on Cisco's development environment to the TeamPCP threat group. The breach involved the theft of Cisco's source code, highlighting vulnerabilities in the software supply chain. Source: Bleeping Computer

Security Research

  1. Axios Compromise on npm Introduces Hidden Malicious Package: Sonatype's security research uncovered a malicious package within the popular Axios npm library, potentially affecting millions of users. The package was designed to execute hidden malware, posing a significant threat to open-source software security. Source: Sonatype.
  2. Zcash Vulnerability That Put Millions of Dollars of ZEC at Risk Has Been Fixed: A critical vulnerability in Zcash nodes was discovered, which allowed bypassing proof verification for the deprecated Sprout shielded pool. This flaw could have jeopardized millions of dollars in ZEC, but it has since been patched. Source: Decrypt.
  3. OpenClaw has 500,000 instances and no enterprise kill switch: Cato CTRL's security research revealed that OpenClaw, with over 500,000 instances, lacks an enterprise kill switch, raising concerns about data security and control. The absence of this feature could lead to significant vulnerabilities in enterprise environments. Source: VentureBeat.
  4. Anthropic leaks its own AI coding tool's source code in second major security breach: In a significant security lapse, Anthropic accidentally exposed the source code of its AI coding tool, Claude Code, for the second time. This breach provided researchers with insights into upcoming models and internal architecture, highlighting the importance of robust security measures. Source: Fortune.
  5. Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse: CrowdStrike's research into CVE-2026-20929 sheds light on a Kerberos relay attack exploiting DNS CNAME abuse. This vulnerability underscores the need for enhanced security protocols to prevent such sophisticated attacks. Source: CrowdStrike.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic as ever. From the persistent vulnerabilities plaguing SMBs to the legal ramifications of data breaches, the need for robust security measures is undeniable. The stories we've shared today highlight the importance of staying informed and vigilant in the face of evolving threats.

Whether it's the accidental leaks from Anthropic or the supply chain vulnerabilities affecting giants like Cisco, each incident serves as a reminder of the critical role security protocols play in safeguarding our digital world. As we continue to navigate these challenges, sharing knowledge and insights becomes crucial.

If you found today's newsletter insightful, consider sharing it with your friends and colleagues. Together, we can foster a community that prioritizes security and resilience in the digital age. Stay safe, stay informed, and we'll see you in the next edition of Secret CISO!
