Secret CISO 7/31: 141M Data Breach, PDI Health, Deepfake Audio Risks, AI Security Theater - A Global Cybersecurity Wake-Up Call

Welcome to today's edition of Secret CISO, where we unravel the tangled web of cybersecurity threats and innovations. In a world where data breaches are becoming alarmingly frequent, today's stories paint a vivid picture of the vulnerabilities lurking in our digital landscape.

We begin with a staggering revelation: 141 million files have been compromised, exposing sensitive bank statements and cryptocurrency keys. This breach is a stark reminder of the fragility of our financial data security. Meanwhile, PDI Health faces its own crisis as unauthorized access to patient records underscores the urgent need for fortified defenses in healthcare.

In a wave of cyberattacks, Lenovo's firmware vulnerabilities, a breach involving French submarine data, and a Russian pharmacy cyberattack highlight the diverse targets of cybercriminals. Across the globe, the New Zealand Transport Agency's privacy breach has led to vehicle thefts, emphasizing the real-world consequences of data exposure.

Corporate giants aren't immune either, as Dollar Tree grapples with a ransomware attack that has laid bare 1.2TB of sensitive company data. As we delve deeper, the threat of deepfake audio technology looms large, challenging the integrity of voice security systems.

On a brighter note, Arizona State University students are tackling cybersecurity challenges head-on, while a hacker's exploitation of Amazon's AI security raises questions about the robustness of AI protocols. Crowdsourced security is emerging as a powerful tool for CISOs, offering a fresh approach to safeguarding AI and data privacy.

In the realm of vulnerabilities, critical flaws in Ceph, the Linux kernel, and SUSE Manager demand immediate attention. The AI Engine plugin for WordPress and openviglet shio also present significant risks, with potential for remote code execution and path traversal attacks.

As we navigate these complex challenges, today's newsletter serves as a call to action for heightened vigilance and innovative solutions in the ever-evolving cybersecurity landscape. Stay informed, stay secure.

Data Breaches

  1. 141 Million Data Breach Files Reveal Bank Statements And Crypto Keys: A massive data breach has exposed 141 million files, revealing sensitive information such as bank statements and cryptocurrency keys. This breach highlights the ongoing vulnerabilities in data security and the potential risks to personal financial information. Source: Forbes.
  2. PDI Health Data Breach: An unauthorized party accessed PDI Health's systems, compromising patient records that may include names and Social Security numbers. This breach has prompted an investigation by Levi & Korsinsky, LLP, highlighting the critical need for robust data protection in healthcare. Source: WJHL.
  3. Oh No! Lenovo, French Submarine Data Breach, Russian Pharmacy Cyberattack: Security firm Binarly discovered vulnerabilities in Lenovo's InsydeH2O UEFI firmware, affecting certain models. The disclosure lands alongside a broader wave of cyberattacks, including a breach involving French submarine data and a Russian pharmacy. Source: CISO Series.
  4. Vehicles Stolen After NZTA Breaches Privacy of 1000 Owners: A privacy breach at the New Zealand Transport Agency (NZTA) led to the theft of vehicles after the personal information of 1000 owners was exposed. This incident underscores the importance of safeguarding personal data to prevent criminal activities. Source: RNZ News.
  5. Dollar Tree Data Breach Exposes Company Data: The INC Ransom gang claims responsibility for a significant data breach at Dollar Tree, exposing 1.2TB of sensitive company data. This breach serves as a stark reminder of the persistent threat posed by ransomware groups to businesses. Source: Cybernews.

Security Research

  1. From Imitation to Exploitation: Tackling Deepfake Audio Risks in Voice Security: This Opus Research whitepaper, authored by Ravin Sanjith, delves into the growing threat posed by deepfake audio technology. It highlights the potential risks to voice security systems and suggests strategies for mitigating these threats. Source: Opus Research.
  2. ASU Students Tackle Cancer, Climate Change, and Cybersecurity Through Summer Internships: Arizona State University students are making strides in cybersecurity as part of their summer internships. This initiative is part of a broader effort to address pressing global challenges through innovative research and development. Source: ASU News.
  3. Hacker Claims to Have Exposed Amazon's 'AI Security Theater': A hacker has reportedly exploited Amazon's coding assistant, raising questions about the effectiveness of its AI security measures. This incident has sparked discussions on the need for more robust security protocols in AI systems. Source: PC Gamer.
  4. Crowdsourced Security Gives CISOs Edge in AI & Data Privacy: New research indicates that 15% of Chief Information Security Officers (CISOs) are leveraging crowdsourced security to enhance AI safety and data privacy. This approach is proving beneficial in addressing complex security challenges in large organizations. Source: SecurityBrief Australia.
  5. Carnegie Mellon Study Finds LLMs Capable of Autonomous Cyberattack Execution: A study by Carnegie Mellon University reveals that large language models (LLMs) can autonomously execute cyberattacks. This finding underscores the need for heightened vigilance and improved security measures in the face of evolving AI capabilities. Source: Security Info Watch.

Top CVEs

  1. CVE-2024-48916: This vulnerability affects Ceph, a distributed storage platform, allowing attackers to bypass JWT signature verification by using "none" as the JWT algorithm. The issue is primarily found in the RadosGW OIDC provider, and as of now, a patched version is not available. Source.
  2. CVE-2023-2593: A flaw in the Linux kernel's TCP connection handling can lead to a denial of service. The vulnerability arises from the failure to release memory after its effective lifetime, allowing unauthenticated attackers to exploit this weakness. Source.
  3. CVE-2025-46811: SUSE Manager contains a critical vulnerability due to missing authentication for a critical function. This flaw allows unauthorized users to execute arbitrary commands as root via the websocket at /rhn/websocket/minion/remote-commands. The issue affects multiple versions and configurations of SUSE Manager. Source.

API Security

  1. AI Engine Plugin for WordPress Vulnerability: The AI Engine plugin for WordPress versions 2.9.3 and 2.9.4 is vulnerable to arbitrary file uploads due to missing file type validation. This flaw allows authenticated attackers with Subscriber-level access to upload arbitrary files on the server, potentially leading to remote code execution. Source: CVE-2025-7847.
  2. Openviglet Shio Unrestricted File Upload: A critical vulnerability in openviglet shio up to version 0.3.8 allows remote attackers to exploit the shStaticFileUpload function for unrestricted file uploads, posing significant security risks. Source: CVE-2025-8344.
  3. Openviglet Shio Path Traversal: Another critical vulnerability in openviglet shio up to version 0.3.8 involves path traversal through the shStaticFilePreUpload function, allowing remote attackers to manipulate file paths. Source: CVE-2025-8343.
  4. Ceph JWT Signature Bypass: Ceph versions 19.2.3 and below are vulnerable to JWT signature bypass when the JWT algorithm is set to "none," potentially allowing unauthorized access. Source: CVE-2024-48916.
  5. OAuth2-Proxy Authentication Bypass: OAuth2-Proxy deployments using the skip_auth_routes configuration option are vulnerable to authentication bypass due to query parameter inclusion, allowing unauthorized access to protected resources. Source: OAuth2-Proxy Vulnerability.
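The "alg: none" signature bypass described for Ceph's RadosGW OIDC provider (item 1 under Top CVEs and item 4 above), as an added example that is not Ceph's code: a minimal HMAC JWT verifier that trusts whatever algorithm the token header names, beside one that pins the permitted algorithms on the verifier side. The key, claims and function names are this example's own constructed assumptions.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key for this example only; not a Ceph or RadosGW value.
DEMO_KEY = b"constructed-demo-hmac-key"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64url(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def make_jwt(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Build a compact JWT; alg='none' yields the empty third segment an unsigned token carries."""
    header = _b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    if alg == "none":
        return f"{header}.{payload}."
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def _check_hs256(header_b64: str, payload_b64: str, sig_b64: str, key: bytes) -> dict:
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64url(sig_b64)):
        raise ValueError("bad signature")
    return json.loads(_unb64url(payload_b64))


def verify_weak(token: str, key: bytes) -> dict:
    """The bug class: the token's own header decides whether a signature is checked at all."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(_unb64url(header_b64))
    if header.get("alg") == "none":  # "none" is treated as "nothing to verify"
        return json.loads(_unb64url(payload_b64))
    return _check_hs256(header_b64, payload_b64, sig_b64, key)


def verify_strict(token: str, key: bytes, allowed=("HS256",)) -> dict:
    """Hardened form: the verifier pins the algorithm set, so a header cannot opt out of signing."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(_unb64url(header_b64))
    if header.get("alg") not in allowed:
        raise ValueError(f"alg {header.get('alg')!r} not permitted")
    return _check_hs256(header_b64, payload_b64, sig_b64, key)
```

The same allowlist check applies to asymmetric algorithms: the verifier, not the token, decides which algorithms and keys are acceptable.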
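The query-parameter problem behind the OAuth2-Proxy skip_auth_routes bypass (item 5 above), as an added example that is not OAuth2-Proxy's code: a constructed route-skip matcher that tests a skip rule against the raw request URI, beside one that tests only the path component. The rule format, the regex and the function names are this example's own assumptions; an unanchored search stands in for a library's MatchString-style check.

```python
import re
from urllib.parse import urlsplit

# Constructed skip rule: let unauthenticated GETs reach versioned health endpoints
# such as /api/v1/health. The (method, regex) tuple format is this example's own.
SKIP_AUTH_ROUTES = [("GET", re.compile(r"^/api/.*/health$"))]


def should_skip_auth_weak(method: str, request_uri: str) -> bool:
    """Matches the rule against the full request URI, query string included.

    Because '.*' can span '?x=', a query value can supply the suffix the rule
    expects, so a request for an unrelated path is treated as public.
    """
    return any(m == method and pat.search(request_uri) for m, pat in SKIP_AUTH_ROUTES)


def should_skip_auth_strict(method: str, request_uri: str) -> bool:
    """Matches against the path only; nothing in the query string can affect the decision."""
    path = urlsplit(request_uri).path
    return any(m == method and pat.search(path) for m, pat in SKIP_AUTH_ROUTES)


def audit_rule(rule: str) -> bool:
    """Flag skip rules whose regex is not anchored on both ends; these are the easiest to widen."""
    return rule.startswith("^") and rule.endswith("$")
```

The audit helper is a cheap linting check for a deployment's own skip rules; the path-only matcher is the actual fix.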

Sponsored by Wallarm API Security Solution

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the digital landscape is ever-evolving, with new threats emerging at every turn. From massive data breaches exposing sensitive financial information to vulnerabilities in AI and cybersecurity systems, the need for vigilance and robust security measures has never been more critical.

We've explored a range of incidents, from the exposure of bank statements and crypto keys to unauthorized access in healthcare systems, and even breaches affecting global corporations like Lenovo and Dollar Tree. These stories serve as stark reminders of the importance of safeguarding our digital assets and personal information.

In the realm of AI, the challenges posed by deepfake audio and the potential for autonomous cyberattacks underscore the need for innovative solutions and proactive strategies. Meanwhile, initiatives like those at Arizona State University highlight the power of education and research in tackling these pressing issues.

As we continue to navigate these complex challenges, remember that knowledge is power. By staying informed and sharing insights, we can collectively strengthen our defenses against cyber threats. If you found today's newsletter valuable, please consider sharing it with your friends and colleagues. Together, we can build a more secure digital future.

Thank you for joining us today. Stay safe, stay informed, and we'll see you in the next edition of Secret CISO.
