Welcome to today's edition of Secret CISO, where we unravel the intricate web of cybersecurity threats and vulnerabilities that continue to challenge our digital landscape. On this eventful day, we dive deep into a series of alarming data breaches that have rocked various sectors, from luxury brands to healthcare and genetic data companies.

First, we spotlight the ongoing investigations by Edelson Lechtzin LLP into data breaches at Rockerbox and Artivion, Inc., urging affected customers to consider legal actions. Meanwhile, Covenant Health faces scrutiny after exposing sensitive personal and health information, and Louis Vuitton UK grapples with its third cyberattack, highlighting persistent security challenges in the luxury industry. As the deadline looms for 23andMe customers to seek compensation, the risks surrounding genetic data security are brought to the forefront.

In parallel, Nvidia warns of potential Rowhammer attacks on their GPUs, a threat that could compromise data integrity. Unpatched vulnerabilities in Ruckus Networks products and a critical Bluetooth stack flaw, dubbed PerfektBlue, further underscore the urgent need for vigilance and timely updates. The EV charging infrastructure and U.S. train systems also reveal serious vulnerabilities, demanding immediate action to prevent unauthorized access and control.

Lastly, we delve into the technical realm with recent PHP vulnerabilities, including CVE-2025-1220, CVE-2025-6491, and CVE-2025-1735, which pose significant risks to system stability and security. These issues remind us of the ever-evolving nature of cybersecurity threats and the importance of staying informed and proactive.

Join us as we navigate these pressing issues, providing insights and guidance to help you fortify your defenses in an increasingly complex digital world.

Data Breaches

1. DATA BREACH ALERT: Edelson Lechtzin LLP Is Investigating - GlobeNewswire
2. : Rockerbox experienced a data breach in early July 2025, prompting Edelson Lechtzin LLP to investigate potential claims on behalf of affected customers. The breach's specifics remain under investigation, but customers are encouraged to seek legal advice. Source:
3. GlobeNewswire
4. .
5. DATA BREACH ALERT: Edelson Lechtzin LLP Is Investigating Claims On Behalf Of Artivion, Inc.
6. : Artivion reported a security breach on November 20, 2024, involving unauthorized network access. Edelson Lechtzin LLP is investigating claims for affected customers, urging them to discuss potential legal actions. Source:
7. Bluefield Daily Telegraph
8. .
9. Covenant Health Data Breach Exposes SSNs & Health Info - Claim Depot
10. : Covenant Health suffered a data breach exposing personal and health information of at least 7,864 individuals. Affected parties are advised to secure their data and check for potential misuse. Source:
11. Claim Depot
12. .
13. Louis Vuitton UK Says Hackers Have Stolen Some Customer Data | BoF
14. : Louis Vuitton UK confirmed a cyberattack resulting in the theft of customer data, marking the third such incident against LVMH brands recently. The breach underscores ongoing cybersecurity challenges in the luxury sector. Source:
15. Business of Fashion
16. .
17. 23andMe data breach: Deadline looms for customers seeking compensation - AL.com
18. : 23andMe customers affected by a data breach are approaching a deadline to seek compensation for damages incurred. The breach highlights the ongoing risks in genetic data security. Source:
19. AL.com
20. .

Security Research

1. Nvidia warns of Rowhammer attacks on GPUs: Nvidia has issued a warning about potential Rowhammer attacks targeting their GPUs. This type of attack can manipulate memory cells to cause data corruption, posing a significant threat to data integrity and system stability. Nvidia is urging users to update their systems to mitigate these risks. Source: The Register.
2. Ruckus Networks security flaws left unpatched: Security researchers have identified nine vulnerabilities across two Ruckus Networks products. These flaws remain unpatched, leaving thousands of devices at risk of exploitation. Users are advised to stay vigilant and apply any available security updates promptly. Source: MSN.
3. PerfektBlue: Major Bluetooth Stack Flaw Could Rule Billions of Devices: Researchers at PCA Cyber Security have discovered a critical vulnerability in the Blue SDK Bluetooth stack, which is widely used in billions of devices. This flaw could allow attackers to execute remote code, potentially compromising affected devices. Users are encouraged to update their Bluetooth software to protect against this threat. Source: The420.in.
4. Security Research Reveals Serious Vulnerabilities in EV Charging Infrastructure: A recent study has highlighted vulnerabilities in the EV charging infrastructure, where attackers can intercept and manipulate communication during the handshake phase. This could lead to unauthorized access and control over charging stations. The research underscores the need for enhanced security measures in this growing sector. Source: iHLS.
5. Security vulnerability on U.S. trains that let anyone activate the brakes on the rear car: A security researcher has uncovered a vulnerability in the wireless RF communication system used in U.S. trains, which allows unauthorized activation of the brakes on the rear car. This flaw has been known for 13 years, but operators have only recently begun addressing it. The discovery calls for immediate action to secure train communication systems. Source: Tom's Hardware.

Top CVEs

1. CVE-2025-1220: In certain PHP versions, functions like fsockopen() fail to validate that hostnames do not contain null characters. This oversight can lead to security vulnerabilities, especially if user code performs access checks based on these hostnames. The issue affects PHP versions before 8.1.33, 8.2.29, 8.3.23, and 8.4.10. Source.
2. CVE-2025-6491: A vulnerability in PHP's SOAP extension allows for a null pointer dereference when parsing overly large XML namespace prefixes, potentially leading to crashes and affecting system availability. This issue impacts PHP versions before 8.1.33, 8.2.29, 8.3.23, and 8.4.10. Source.
3. CVE-2025-1735: In certain PHP versions, the pgsql and pdo_pgsql escaping functions do not verify if the underlying quoting functions return errors. This can result in crashes if the PostgreSQL server rejects the string. Affected versions are PHP before 8.1.33, 8.2.29, 8.3.23, and 8.4. Source.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is fraught with challenges and opportunities for vigilance. From the ongoing investigations into data breaches at companies like Rockerbox and Artivion to the cybersecurity threats facing luxury brands like Louis Vuitton and genetic data firms like 23andMe, the need for robust security measures has never been more pressing.

Meanwhile, the technical vulnerabilities highlighted in Nvidia's GPUs, Ruckus Networks, and the Bluetooth stack remind us that even the most advanced technologies can harbor risks. The revelations about EV charging infrastructure and U.S. train systems further underscore the importance of securing our critical infrastructure against potential threats.

Finally, the recent PHP vulnerabilities serve as a stark reminder for developers and system administrators to stay updated and vigilant in their coding practices to prevent exploitation.

We hope you found today's insights valuable and urge you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively enhance our defenses and foster a more secure digital environment for everyone. Stay safe, stay informed, and see you in the next edition of Secret CISO!