Secret CISO 8/20: AT&T $7.5K Breach Payout, CIRO Hack, DHS Global Security, FBI Cyber Deal, Chrome V8 Exploit

Welcome to today's edition of Secret CISO, where the digital realm's most pressing security stories unfold into a narrative of caution and innovation. As we dive into the latest developments, a common thread emerges: the relentless pursuit of safeguarding sensitive data and the continuous evolution of cybersecurity measures.
In a world where data breaches are becoming alarmingly frequent, AT&T customers are on the brink of receiving up to $7,500 each as part of a massive $177 million settlement following two significant breaches. Meanwhile, Keenan & Associates' $33.8 million settlement underscores the financial repercussions of failing to protect client information. These cases highlight the critical need for robust data protection strategies.
Across the border, the Canadian Investment Regulatory Organization grapples with a breach exposing member data, while Openforce faces legal scrutiny over a similar incident. These breaches serve as stark reminders of the vulnerabilities lurking within our systems, urging organizations to fortify their defenses.
On the technological frontier, the Department of Homeland Security is spearheading efforts to harmonize global traveler security standards, while Texas Tech University and the FBI join forces to advance cybersecurity research. These initiatives reflect a proactive stance in addressing emerging threats and enhancing national security.
In the realm of vulnerabilities, the spotlight is on critical flaws like CVE-2025-9132 in Google Chrome's V8 engine and CVE-2025-55294 in the screenshot-desktop application. These vulnerabilities, alongside others like the Commvault API flaw, emphasize the urgent need for vigilant patch management and secure coding practices.
As we navigate this intricate web of security challenges, the importance of cultivating a strong security culture within organizations becomes evident. By fostering awareness and proactive measures, we can mitigate the risks posed by adversarial AI, deepfake attacks, and other cyber threats.
Stay informed, stay secure, and join us tomorrow as we continue to unravel the ever-evolving landscape of cybersecurity.
Data Breaches
- Potential $7,500 payout for AT&T customers affected by data breaches: Eligible AT&T customers can file claims for up to $7,500 as part of a $177 million class action lawsuit following two data breaches in 2024. The breaches exposed sensitive customer information, leading to significant legal action and settlement. Source: Alaska's News Source
- $33.8M Keenan & Associates data breach class action settlement: Keenan & Associates agreed to a $33.8 million class action lawsuit settlement to resolve claims that it failed to prevent a data breach. The breach compromised sensitive client information, prompting legal action and a substantial settlement. Source: Top Class Actions
- 47,000 Individuals Affected by Data Breach, Reveals NY Business Council: A data breach affecting 47,000 individuals highlights potential vulnerabilities in intrusion detection systems (IDS) and security information and event management (SIEM). The breach has raised concerns about the effectiveness of current cybersecurity measures. Source: GBHackers
- Openforce Data Breach: Sensitive Info Compromised, Lawyers Investigate: A data breach at Openforce was reported in August 2025 and may have exposed sensitive information. Legal investigations are underway to determine the extent of the breach and potential repercussions for affected individuals. Source: Class Action
- Canadian Financial Regulator Hacked, Exposing Personal Data from Members: The Canadian Investment Regulatory Organization (CIRO) reported a data breach that exposed personal information of its members. Efforts are being made to identify the breached data and notify those affected. Source: Infosecurity Magazine
Security Research
- Harmonizing Global Standards for Travelers - Homeland Security: The Department of Homeland Security is advancing international aviation safety by researching, developing, and validating new screening systems. This initiative aims to create a unified global standard for traveler security, enhancing safety and efficiency across borders. Source: dhs.gov
- Tech, FBI form cybersecurity research deal: Texas Tech University has partnered with the FBI to bolster its cybersecurity research program, which currently has a $10 million annual budget. This collaboration aims to enhance the development of cybersecurity solutions and strengthen national security measures. Source: dailytoreador.com
- McCrary Institute welcomes former secretary of homeland security: The McCrary Institute at Auburn University is enhancing its research capabilities by welcoming a former homeland security secretary to its advisory board. The institute focuses on developing practical solutions to protect critical infrastructure systems. Source: auburn.edu
- Agentic AI, Apple Intelligence, EV Chargers: Cyber Peril Abounds: Security researchers are highlighting vulnerabilities in AI systems, Apple Intelligence, and electric vehicle chargers. These findings underscore the growing cyber risks associated with emerging technologies and the need for robust security measures. Source: darkreading.com
- Why Your Security Culture is Critical to Mitigating Cyber Risk: Building a strong security culture within organizations is crucial for mitigating cyber risks, especially against adversarial AI and deepfake attacks. This research emphasizes the importance of employee awareness and proactive security practices. Source: thehackernews.com
Top CVEs
- CVE-2025-9132: An out-of-bounds write vulnerability in V8, the JavaScript engine of Google Chrome, prior to version 139.0.7258.138, allows remote attackers to potentially exploit heap corruption via a crafted HTML page. This vulnerability poses a significant risk as it can lead to arbitrary code execution. Source: Vulners.
- CVE-2025-55294: The screenshot-desktop application contains a command injection vulnerability. User-controlled input passed into the format option of the screenshot function is interpolated into a shell command without proper sanitization, allowing arbitrary command execution with the privileges of the calling process. This vulnerability has been addressed in recent updates. Source: Vulners.
- CVE-2025-8450: An improper access control issue in the Workflow component of Fortra's FileCatalyst allows unauthenticated users to upload arbitrary files via the order forms. This vulnerability could be exploited to execute malicious files on the server, posing a significant security risk. Source: Vulners.
API Security
- Commvault API Vulnerability: A vulnerability in Commvault before version 11.36.60 allows unauthenticated attackers to execute API calls without requiring user credentials. While Role-Based Access Control (RBAC) can limit exposure, it does not eliminate the risk entirely. This issue highlights the importance of securing login mechanisms to prevent unauthorized access. Source: Vulners.
- Command Injection via Screenshot Function: A critical command injection vulnerability exists when user-controlled input is passed into the format option of the screenshot function. This flaw allows attackers to execute arbitrary commands with the privileges of the calling process, posing a significant risk to applications that accept untrusted input. The issue has been patched in version 1.15.2, and users are advised to upgrade. Source: Vulners.
- Mermaid XSS Vulnerability: In mermaid version 11.9.0, a cross-site scripting (XSS) vulnerability is present due to improper sanitization of user-supplied input for architecture diagram icons. This allows malicious users to inject arbitrary HTML, leading to potential XSS attacks when mermaid-js is used in its default configuration. Source: Vulners.
- GenX FX API Key Exposure: A vulnerability in the GenX FX backend can expose API keys and authentication tokens if environment variables are misconfigured. This flaw could allow unauthorized users to access cloud resources, emphasizing the need for secure configuration management. Source: Vulners.
- qBit Manage Path Traversal: A path traversal vulnerability in qBit Manage's web API allows authenticated users to read arbitrary files from the server filesystem. By manipulating the backup_id parameter, attackers can bypass directory restrictions, highlighting the importance of input validation and secure API design. Source: Vulners.
Final Words
As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic as ever. From potential payouts for data breach victims to vulnerabilities in cutting-edge technologies, the need for vigilance and proactive measures is paramount. Whether it's the ongoing legal battles following breaches or the exciting collaborations aimed at enhancing cybersecurity research, each story underscores the importance of staying informed and prepared.
We also explored the critical role of security culture in organizations and the vulnerabilities that can arise from emerging technologies. These insights remind us that cybersecurity is not just about technology but also about people and processes working together to mitigate risks.
If you found today's newsletter insightful, please consider sharing it with your friends and colleagues. By spreading awareness, we can collectively strengthen our defenses against the ever-evolving cyber threats. Stay safe, stay informed, and see you in the next edition of Secret CISO!