Secret CISO 2/18: Gartner Predicts AI Data Breach Surge, Innovative Renal Care and Pension Specialists Breached, Shadow AI Threats, AI Benchmark Score Reliability Questioned

Welcome to today's issue of Secret CISO. We're diving into the world of data breaches and security measures, with a special focus on the rapid adoption of GenAI and its potential misuse.
Gartner warns of a surge in AI data breaches by 2027, raising concerns about data protection. We're also looking at a series of data breaches across various sectors. Innovative Renal Care and The Pension Specialists, Ltd. have both issued data breach alerts, while NorthBay Healthcare Corporation is under investigation for a data breach. In the legal sphere, we're exploring key trends in data breach class actions and the implications for businesses.
We'll also delve into the world of AI in security, with expert insights on leveraging technology, governance, and global competition.
Finally, we're highlighting the work of security researchers who are cautioning against the reliability of AI benchmark scores and exploring the rise of shadow AI apps compromising security. Stay tuned for these stories and more in today's Secret CISO.
Data Breaches
- Gartner Warns Of AI Data Breach Surge By 2027 Due To GenAI Misuse: Gartner predicts a surge in data breaches by 2027 due to the rapid adoption of GenAI, which is outpacing security measures and raising data protection concerns. Source: BusinessWorld
- Innovative Renal Care Data Breach: Innovative Renal Care has filed a notice of data breach with the Attorney General following an incident in early 2024. The extent of the breach is yet to be determined. Source: JD Supra
- The Pension Specialists Data Breach: The Pension Specialists have issued a data breach alert, notifying affected individuals that their personal information, including names and Social Security numbers, may have been compromised. Source: MorningStar
- Coast Guard Data Breach: The Coast Guard has taken its personnel and pay system offline following a data breach. The system will remain down until at least Feb. 19 while the service investigates the hacking incident. Source: Military.com
- Xactus Data Breach: Xactus LLC has filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized individual had compromised individuals' Social Security numbers. Source: JD Supra
Security Research
- AI in Security: Expert insights on leveraging technology, governance and global competition: Sean Tufts from Optiv discusses how AI advancements are transforming security operations and the governance challenges organizations face. Source: Security Info Watch
- Researchers Caution AI Benchmark Score Reliability: JRC and Stanford researchers caution that the US AI Diffusion Framework and the Online Safety Act's integration of benchmark scores into compliance standards may not be reliable. Source: GovInfoSecurity
- IoT cybersecurity devices to double to 28 billion by 2028: Research Author at Juniper Research, Michelle Joynson, predicts a significant increase in IoT cybersecurity devices, emphasizing the importance of human-centric security research. Source: SecurityBrief Asia
- Akamai unveils Defenders' Guide 2025 to empower cybersecurity teams: Akamai's new guide integrates the security-in-depth framework with proactive measures, providing a firm foundation for research-driven cybersecurity. Source: Security Info Watch
- Advancing Security Red-Teaming through Probabilistic Binary Analysis: Postdoctoral researcher at Purdue University, Dr. Zhuo Zhang, specializes in software and system security, with his research being published in top-tier venues. Source: WPI
Top CVEs
- CVE-2025-0001: Abacus ERP versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read vulnerability. Source: CVE-2025-0001
- CVE-2025-23840: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webjema WP-NOTCAPTCHA allows Reflected XSS. Source: CVE-2025-23840
- CVE-2025-0714: The vulnerability existed in the password storage of Mobatek's MobaXterm below 25.0. MobaXterm uses an initialization vector (IV) that is generated by encrypting null bytes with a derivative of the user's master key. As the master key is static and AES ECB produces the same output for the same input, the IV for AES CFB is always the same. The static IV makes it easier to obtain sensitive information and decrypt data if the data is stored at. Source: CVE-2025-0714
- CVE-2025-1381: A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax_city.php. The manipulation of the argument CityName leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be. Source: CVE-2025-1381
- CVE-2025-1392: A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. The manipulation of the argument SSID leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the. Source: CVE-2025-1392
API Security
- CVE-2024-13565 - Stored Cross-Site Scripting Vulnerability in Simple Map No Api Plugin for WordPress: The Simple Map No Api plugin for WordPress, in versions up to 1.9, is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter. This vulnerability allows authenticated attackers with Contributor-level access and above to inject arbitrary web scripts that execute whenever a user accesses an injected page. Source: CVE-2024-13565
- CVE-2025-20075 - Server-Side Request Forgery Vulnerability in FileMegane: FileMegane versions above 3.0.0.0 and prior to 3.4.0.0 are susceptible to a server-side request forgery (SSRF) vulnerability. This vulnerability could potentially allow the execution of arbitrary backend Web API requests, leading to a system reboot. Source: CVE-2025-20075
Sponsored by Wallarm API Security Solution
Final Words
And that's a wrap for today's edition of Secret CISO. We hope you found these updates insightful and valuable for your daily operations. Remember, staying informed is the first step in maintaining a robust security posture. As the landscape of data breaches and security threats continues to evolve, it's crucial to stay ahead of the curve.
From the surge of AI data breaches due to GenAI misuse to the increasing concerns over data protection, we're here to keep you updated on the latest trends and incidents.
If you found this newsletter helpful, please consider sharing it with your colleagues and friends. Together, we can foster a more secure digital environment.
Stay safe, stay informed, and see you in the next edition of Secret CISO!