Secret CISO 2/16: Musk's Data Breach Lawsuit, PCSO Breach in Philippines, Cyber Risk Research, Memorial Hospital Ransomware Attack

Welcome to today's issue of Secret CISO, your daily dose of the most impactful cybersecurity news. Today, we're diving into a series of data breaches involving high-profile figures and organizations.

First up, we're looking at a lawsuit involving Elon Musk, where the tech mogul and his team are accused of obtaining sensitive information such as Social Security numbers and bank account details. The California Attorney General has joined the lawsuit, adding another layer of complexity to the case. Meanwhile, across the Pacific, a data breach involving the Philippine Charity Sweepstakes Office has underscored the urgent need to strengthen government agencies' security measures. In the industrial sector, there's a growing call for cyber risk quantification to safeguard OT asset owners amid rising threats. The lack of security controls in place is a cause for concern.

On the healthcare front, Memorial Hospital and Manor has notified over 120,000 people of a November ransomware attack. The incident highlights the importance of robust data security measures in the healthcare sector. In other news, a recent article from The Globe and Mail provides tips on how to shrink your digital footprint and boost online security, emphasizing the importance of anonymity as a secret weapon against data breaches.

Finally, we delve into the world of ransomware attacks, with a CBI investigation revealing a ransomware attack on a crucial defense unit and a data breach impacting millions of Indian users. Stay tuned for more updates on these stories and other cybersecurity news. Stay safe and secure!

Data Breaches

  1. Data Breach Involving Elon Musk: California's Attorney General has joined a lawsuit against Elon Musk, alleging that Musk and his team obtained sensitive information such as Social Security numbers and bank account details. Source: Newsbreak
  2. Data Breach of PCSO: The Philippine Charity Sweepstakes Office is under scrutiny for an alleged data breach, highlighting the need for government agencies to strengthen their data security measures. Source: Senate.gov.ph
  3. Memorial Hospital and Manor Ransomware Attack: Memorial Hospital and Manor has notified 120,085 people of a data security incident in November, believed to be a ransomware attack. The hospital has not disclosed the identity of the attacker. Source: DataBreaches.net
  4. Ransomware Attack on Crucial Defense Unit in India: The Central Bureau of Investigation in India has uncovered a ransomware attack on a crucial defense unit, impacting millions of Indian users. Source: The New Indian Express
  5. DOGE's Data Sharing Sparks Concern: The Department of Government Efficiency (DOGE) has raised concerns in the intelligence community by sharing agency data online. The nature of the shared data and whether it includes classified information is unclear. Source: ABC7

Security Research

  1. Scholar from Malakand unveils groundbreaking research on AI security risks: Malik Zubair, an MPhil scholar at the University of Malakand's Department of Computer Science & IT, has successfully defended his research on AI security risks. His work contributes to the growing body of knowledge on the potential vulnerabilities of AI systems. Source: The News
  2. Over 12,000 KerioControl Firewalls Vulnerable to RCE Exploits: Security researchers at GreyNoise have detected active exploitation of a flaw in KerioControl Firewalls, discovered by researcher Egidio Romano. The vulnerability leaves over 12,000 firewalls susceptible to Remote Code Execution (RCE) exploits. Source: vpnMentor
  3. Securing the Future: Manvitha Gali's Transformative Impact on IoT Network Security: Manvitha Gali's research focuses on key areas like task offloading, drone network privacy, and advanced threat detection in IoT networks. Her expertise stems from over seven years of experience in the field. Source: TechTimes
  4. Worrying YouTube security flaw exposed billions of user emails: A security researcher discovered a significant vulnerability in YouTube's security. The flaw could have allowed outsiders to gain access to all YouTube account emails, potentially affecting billions of users. Source: Yahoo
  5. Hackers exploit authentication bypass in Palo Alto Networks PAN-OS: Security researchers at Assetnote discovered an authentication bypass vulnerability in Palo Alto Networks PAN-OS. The flaw has already been exploited by hackers, highlighting the need for immediate patching. Source: Bleeping Computer

Top CVEs

  1. CVE-2025-0822: The Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This allows authenticated attackers, with Subscriber-level access, to read the contents of arbitrary files on the server, potentially containing sensitive data. Source: vulners.com
  2. CVE-2025-1005: The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion widget in all versions up to, and including, 3.4.0. This allows authenticated attackers, with contributor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Source: vulners.com
  3. CVE-2024-13513: The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.2.3 via the logging functionality. This allows unauthenticated attackers to extract sensitive data including the plugin's clientToken, which can be used to change user account information, leading to a complete site takeover. Source: vulners.com
  4. CVE-2024-12562: The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2member_pro_remote_op' parameter. This allows unauthenticated attackers to inject a PHP Object, potentially leading to deletion of arbitrary files, retrieval of sensitive data, or execution of arbitrary code. Source: vulners.com
  5. CVE-2024-13752: The WP Project Manager plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check in the '/pm/v2/settings/notice' endpoint in all versions up to, and including, 2.6.17. This allows authenticated attackers, with Subscriber-level access, to cause a persistent denial of service. Source: vulners.com

API Security

  1. CVE-2024-57971 - Vulnerability in Knowage Server: The SpagoBI API support in Knowage Server, versions before 8.1.30, has a vulnerability where DataSourceResource.java does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI name. This could potentially allow an attacker to exploit the system. Source: vulners.com

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. From Elon Musk's data breach to the urgent need for strengthened security measures in government agencies, it's clear that the world of cybersecurity is as dynamic and unpredictable as ever. Remember, in the digital world, knowledge is your secret weapon. So, stay informed, stay secure. If you found today's newsletter helpful, don't keep it a secret.

Share it with your friends and colleagues. Let's spread the word and make the digital world a safer place for everyone.

Until next time, stay safe and secure.

By Secret CISO