Secret CISO 3/6: Kettering & Washington Breaches, MongoDB & AI Vulnerabilities, France's Healthcare Crisis Unveiled

Welcome to today's edition of Secret CISO, where we unravel the tangled web of cybersecurity breaches and vulnerabilities that are shaking the digital world. In this issue, we dive into a series of alarming data breaches that have left healthcare systems and personal data exposed, alongside newly discovered vulnerabilities threatening the very backbone of our digital infrastructure.

We begin with the Kettering Health Network, where a devastating breach has led to over 200 lawsuits, disrupting critical patient care and delaying life-saving treatments. Meanwhile, the Washington State Department of Licensing faces accusations of negligence for leaving a security flaw open for years, allowing identity thieves to wreak havoc.

Across the Atlantic, France's centralized healthcare system has suffered a breach, exposing the medical records of over 15 million citizens, raising serious questions about the security of centralized health information systems. Back in the U.S., Evergreen Assisted Living and Tieu Dental are under fire for failing to protect sensitive patient data, with potential class action lawsuits looming.

On the technical front, a high-severity vulnerability in MongoDB threatens to crash servers, while malicious AI assistant extensions are harvesting chat histories from large language models. Researchers have also demonstrated how browser extensions can secretly install malware, highlighting the hidden dangers lurking in our everyday tools.

In a chilling development, the Dust Specter cyber threat targets Iraqi officials with sophisticated malware, and a critical FreeScout vulnerability allows zero-click remote code execution via email, underscoring the urgent need for robust security measures.

Join us as we explore these stories and more, unraveling the complexities of today's cybersecurity landscape and equipping you with the insights needed to stay one step ahead.

Data Breaches

  1. Kettering Health Network Breach: More than 200 lawsuits have been filed against Kettering Health Network following a significant data breach that disrupted patient care, including delaying chemotherapy treatments. The breach resulted in the theft of hundreds of thousands of files, crippling their systems for months. Source: WHIO TV
  2. Washington DOL Data Breach: A lawsuit alleges that the Washington State Department of Licensing (DOL) left a security flaw open for years, allowing identity thieves to exploit it. The DOL is accused of failing to fix the flaw and not notifying affected individuals as required by law. Source: KING5.com
  3. Evergreen Assisted Living Data Breach: Evergreen faces a lawsuit for allegedly failing to implement industry-standard security measures to protect patient data. The breach has raised concerns about the adequacy of their data protection practices. Source: Westlaw Today
  4. Tieu Dental Data Breach: A data breach at Tieu Dental compromised sensitive information, including Social Security Numbers. Lawyers are investigating the incident for a potential class action lawsuit due to the breach's impact on patients. Source: Class Action Lawsuits
  5. Centralized Healthcare System Breach in France: A data breach in France's centralized healthcare system exposed the medical records of over 15 million citizens. The breach highlights vulnerabilities in centralized health information systems and raises concerns about patient privacy. Source: CPO Magazine

Security Research

  1. New MongoDB Vulnerability Allows Attackers to Crash Any Server: A high-severity vulnerability, CVE-2026-25611, has been discovered in MongoDB, allowing unauthenticated attackers to crash servers. This flaw, rated 7.5, poses a significant risk to systems using MongoDB, highlighting the need for immediate attention and patching. Source: Cyber Press.
  2. Malicious AI Assistant Extensions Harvest LLM Chat Histories: A new threat has emerged where malicious AI assistant extensions are being used to steal chat histories from large language models (LLMs). This exploitation highlights the vulnerabilities in AI systems and the need for robust security measures to protect sensitive data. Source: Microsoft Security Blog.
  3. Any Browser Extension Can Secretly Install Malware, Researchers Demonstrate: Security researchers have shown that browser extensions can modify downloaded files to install malware without requiring permissions. This discovery underscores the potential risks associated with browser extensions and the importance of scrutinizing their permissions and behaviors. Source: Cybernews.
  4. Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware: A new cyber threat, Dust Specter, is targeting Iraqi officials using SPLITDROP and GHOSTFORM malware. The attack employs advanced techniques like geofencing and User-Agent verification, indicating a sophisticated threat actor behind the campaign. Source: The Hacker News.
  5. FreeScout Vulnerability Enables Unauthenticated, Zero-Click RCE via Email (CVE-2026-28289): A critical vulnerability in FreeScout, CVE-2026-28289, allows unauthenticated, zero-click remote code execution via email. This flaw emphasizes the importance of securing email systems and applying patches promptly to mitigate potential exploits. Source: Help Net Security.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is fraught with challenges and opportunities for learning. From the significant data breaches affecting healthcare systems across the globe to the emerging threats targeting our digital infrastructures, the importance of vigilance and proactive measures cannot be overstated.

Each story we shared today underscores a critical aspect of cybersecurity—whether it's the need for robust data protection practices, the urgency of patching vulnerabilities, or the vigilance required to guard against sophisticated malware campaigns. These incidents serve as stark reminders of the evolving nature of cyber threats and the continuous effort required to safeguard sensitive information.

We hope you found today's insights valuable and that they inspire you to take action in your own cybersecurity practices. If you found this newsletter informative, please consider sharing it with your friends and colleagues. Together, we can foster a more informed and resilient community, better equipped to tackle the challenges of tomorrow.

Stay safe, stay informed, and see you in the next edition of Secret CISO!
