Secret CISO 9/8: Pakistan's Data Breach, CMS School Leak, AI Surveillance's Role, Zero Trust + AI, Siemens Exploit Unveiled

Welcome to today's edition of Secret CISO, where we unravel a tapestry of cyber incidents that span continents and sectors, each thread weaving a story of vulnerability and resilience.

In Pakistan, a massive data breach has exposed sensitive personal information, prompting an urgent investigation by the Interior Minister. This incident echoes across the globe as educational institutions in the U.S. grapple with their own data security challenges, with thousands of students and teachers affected by a breach in the PowerSchool system.

Meanwhile, cybercriminals have infiltrated Somerset County's public services, exploiting email accounts to access confidential information, highlighting the critical need for fortified cybersecurity measures in public sectors.

On the corporate front, Salesloft's recent breach, traced back to a GitHub compromise, underscores the vulnerabilities inherent in third-party integrations, while a new tool, Thermoptic, emerges to bolster privacy by masking user activity.

As we delve deeper, we explore the evolving landscape of cyber threats, where advanced persistent threats blur the lines between real and simulated dangers, and AI-driven surveillance is touted as the future of crime prevention.

In the realm of vulnerabilities, critical exploits in Siemens firmware and Microsoft Azure services demand immediate attention, as they pose significant risks to both industrial systems and cloud environments.

Join us as we navigate these complex narratives, seeking insights and solutions to fortify our digital defenses in an ever-evolving cyber world.

Data Breaches

  1. Islamabad Orders Probe into Online Data Leak Concerning Thousands of Pakistanis: Pakistan's Interior Minister, Mohsin Naqvi, has initiated an investigation into a significant data leak affecting thousands of Pakistani nationals. The breach reportedly involves sensitive personal information, raising concerns about privacy and security. Source: Arab News.
  2. Thousands of CMS Students, Teachers Impacted in Data Breach: A data breach involving the PowerSchool system has potentially compromised the personal information of students and teachers, including names, contact details, and limited medical information. The incident has raised alarms about the security of educational data systems. Source: MSN.
  3. Major Data Breach in Pakistan Exposes Citizens' Personal Information for Sale Online: A significant breach has exposed sensitive data of Pakistani citizens, including mobile SIM details, call logs, and national identity card copies. This incident highlights the ongoing challenges in protecting personal data from cybercriminals. Source: Mobile ID World.
  4. Somerset County Files Accessed by Cyber Criminals to Gain Personal Information: Cybercriminals accessed email accounts within Somerset County's Children and Youth Services Department, potentially compromising confidential information. The breach, which occurred over several months, underscores the need for robust cybersecurity measures in public services. Source: Daily American.
  5. Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens: Salesloft has disclosed details of a security incident involving its Drift application, which was traced back to a GitHub compromise and stolen OAuth tokens. The breach has been contained, but it highlights the vulnerabilities associated with third-party integrations. Source: Hackread.

Security Research

  1. Risky Bulletin: New APT dismissed as a phishing test: A recent report initially identified a new Advanced Persistent Threat (APT), but further investigation revealed it was merely a sophisticated phishing test. This highlights the challenges in distinguishing between real threats and simulated exercises in cybersecurity. Source: Risky.biz
  2. New tool—Thermoptic: Security researcher Matthew Bryant has introduced Thermoptic, an innovative HTTP stealth proxy that disguises requests to appear as if they originate from the Chrome browser. This tool aims to enhance privacy and security by masking user activity from potential surveillance. Source: Risky.biz
  3. This $7.5 Billion Startup Says AI Surveillance Is The Future Of Fighting Crime: A startup valued at $7.5 billion is advocating for AI-driven surveillance as a key strategy in combating crime. The company believes that leveraging artificial intelligence can significantly enhance public safety and law enforcement efficiency. Source: YouTube
  4. Trends: Cyber threats enter a new era: Noushin Shabab, a lead security researcher for Kaspersky, discusses the evolution of cyber threats, emphasizing the increasing sophistication of threat actors. The report suggests that advanced tools and techniques are becoming more prevalent, necessitating robust security solutions. Source: The Edge Malaysia
  5. Zero Trust + AI: Protecting What Firewalls Can't: This research explores the integration of Zero Trust principles with AI technologies to address security gaps that traditional firewalls cannot cover. The approach aims to provide comprehensive protection for distributed and mobile enterprises. Source: The Hacker News

API Security

  1. Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware: A critical exploit has been identified in Siemens firmware, leading to uncontrolled resource consumption. This vulnerability can be exploited remotely, potentially causing significant disruption to affected systems. The exploit is publicly available, raising the urgency for immediate mitigation. Source: Vulners.
  2. CVE-2025-10084: A vulnerability in elunez eladmin up to version 2.7 affects the SysLogController component and leads to improper authorization. The flaw can be exploited remotely, and the exploit is publicly accessible. Immediate attention is required to prevent unauthorized access. Source: Vulners.
  3. CVE-2025-10080: Running-elephant Datart up to version 1.0.0-rc3 contains a vulnerability due to the use of a hard-coded cryptographic key. Although complex to exploit, the issue poses a significant security risk because the attack can be carried out remotely. The exploit has been disclosed publicly, necessitating prompt action. Source: Vulners.
  4. Exploit for CVE-2025-54914: A critical privilege escalation vulnerability in Microsoft Azure Networking services, scored 10.0 on CVSS, allows attackers to gain full control over Azure networking resources. This remote exploit poses a severe threat to cloud and hybrid environments, requiring immediate remediation. Source: Vulners.
  5. CVE-2025-10073: Portabilis i-Educar up to version 2.10 is vulnerable to improper authorization in an unknown function of the API module. The vulnerability can be exploited remotely, and the exploit is publicly available, highlighting the need for urgent security measures. Source: Vulners.

Sponsored by Wallarm API Security Solution

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the world of cybersecurity is as dynamic and challenging as ever. From significant data breaches in Pakistan and educational systems to the evolving landscape of cyber threats, the need for vigilance and robust security measures is paramount. The stories we've covered today highlight the importance of staying informed and proactive in protecting personal and organizational data.

We've also explored innovative tools and strategies, like the introduction of Thermoptic and the integration of Zero Trust with AI, which offer promising solutions to emerging threats. As cybercriminals continue to evolve their tactics, so must our defenses.

Thank you for joining us on this journey through the latest in cybersecurity news and insights. If you found today's newsletter valuable, please consider sharing it with your friends and colleagues. Together, we can build a more secure digital world.

Stay safe, stay informed, and we'll see you in the next edition of Secret CISO!
