Secret CISO 2/19: Genea and US Coast Guard data breaches, DOGE accessing student loan data, AI governance concerns, and Capital One hit with class action

Hello there, Secret CISO readers! We've got a lot to cover in today's newsletter, so let's dive right in. First up, we're looking at a significant data breach at Genea, one of Australia's largest IVF providers. With the potential to affect thousands of families, this cyberattack is a stark reminder of the vulnerabilities in our healthcare systems.

Meanwhile, the US Coast Guard is also grappling with a data breach that has disabled its payroll and personnel systems, affecting over 1,000 service members. In other news, the widespread use of GenAI is raising data breach concerns, with Gartner predicting that AI governance will become a requirement of all sovereign AI laws and regulations worldwide by 2027. We also have a surprising development from Elon Musk's team, DOGE, which has reportedly gained access to student loan data at the Department of Education. This could potentially expose the Social Security numbers and income data of millions of people with student loans. In the legal world, we're seeing the fallout from data breaches with Capital One facing a class action over a nine-month data breach, and Murphy Law Firm investigating legal claims on behalf of those affected by the Innovative Renal Care data breach.

Finally, we're taking a look at how to distinguish fraudulent data breach alerts from real ones, and examining how a recent ruling in Illinois could influence future data breach cases. Stay tuned for all this and more in today's edition of Secret CISO.

Data Breaches

  1. IVF Giant Investigates Data Breach: Genea, a leading IVF provider in Australia, is currently investigating a cyberattack that could potentially affect the data of thousands of families. The extent and nature of the data compromised are yet to be disclosed. Source: The Sydney Morning Herald
  2. US Coast Guard Data Breach: A data breach affecting the US Coast Guard has resulted in its payroll and personnel systems being disabled, delaying pay for over 1,000 service members. The breach's origin and the extent of the data compromised are currently under investigation. Source: Cyber Daily
  3. DOGE Accesses Student Loan Data: Elon Musk's team may have gained access to the Social Security numbers, income data, and other personal information of 40 million people with student loans, according to a court statement. The implications of this breach are still being assessed. Source: Forbes
  4. Innovative Renal Care Data Breach: Murphy Law Firm is investigating legal claims on behalf of individuals whose information was exposed in the Innovative Renal Care data breach. The extent of the data exposed and the number of individuals affected are yet to be disclosed. Source: GlobeNewswire
  5. Capital One Hit With Class Action Over Nine-Month Data Breach: Capital One Financial Corp. is facing a class action lawsuit for allegedly failing to protect the personal information of thousands of consumers following a nine-month data breach. The extent of the data exposed and the number of individuals affected are yet to be disclosed. Source: Bloomberg Law News

Security Research

  1. Chinese Apps Data Transmission to State-Linked Entities: Security researchers have discovered that the Chinese app, DeepSeek, transmits user data to Chinese state-linked entities. The app also uses weak encryption, raising concerns about data privacy and security. Source: WBBJ TV
  2. Unauthenticated Bypass via Apple USB Vulnerability: Security consultancy Quarkslab has found a flaw in Apple's USB that could allow threat actors to bypass USB lockouts. This vulnerability could potentially expose users' data to unauthorized access. Source: SC Media
  3. Human Behaviour in Security Trends: A report has identified a significant gap in security research, noting a lack of focus on the interaction between end users, operators, and non-decision makers. This suggests that understanding human behaviour is critical in predicting and preventing security breaches. Source: SecurityBrief Australia
  4. Clinical Trial Database Exposes 1.6M Records: Security researcher Jeremiah Fowler discovered that a clinical trial database exposed 1.6 million patient records on the web. The exposed database contained patient surveys in a PDF format, potentially compromising patient confidentiality. Source: BankInfoSecurity
  5. Malware Planted in Steam Game to Steal Gamers' Passwords: Security researchers found that hackers planted malware in a Steam game called PirateFI to steal gamers' passwords. The game was removed after the discovery, but the incident raises concerns about the security of online gaming platforms. Source: TechCrunch

Top CVEs

  1. CVE-2025-1414: Firefox 135 has been found to contain memory safety bugs, some of which could potentially be exploited to run arbitrary code. This vulnerability affects Firefox versions prior to 135. Source: CVE-2025-1414
  2. CVE-2025-0422: The "bestinformed Web" application has a vulnerability that allows an authenticated user to execute commands on the server running the application. This could be exploited if an account with the correct permissions is compromised. Source: CVE-2025-0422
  3. CVE-2025-25474: DCMTK v3.6.9+ DEV has been discovered to contain a buffer overflow vulnerability via the component. Source: CVE-2025-25474
  4. CVE-2025-25473: FFmpeg git master before commit c08d30 has been discovered to contain a NULL pointer dereference via the component. Source: CVE-2025-25473
  5. CVE-2025-0864: The Active Products Tables for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcodes_set' parameter in all versions up to, and including, 1.0.6.6 due to insufficient input sanitization and output escaping. This could allow unauthenticated attackers to inject arbitrary web scripts in pages. Source: CVE-2025-0864

API Security

  1. Security Vulnerability in Duende.AccessTokenManagement: Duende.AccessTokenManagement, a set of .NET libraries managing OAuth and OpenId Connect access tokens, has a race condition when requesting access tokens using the client credentials flow. This could lead to access tokens being obtained with incorrect scope, resource indicator, or other protocol parameters. The issue affects a small percentage of users, particularly those making concurrent requests with varying protocol parameters. Most users can resolve the issue by updating to the latest NuGet package version. Source: vulners.com

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. From the IVF data breach in Australia to the Coast Guard's payroll system disruption, it's clear that cybersecurity threats are a global concern. As AI use continues to rise, so do the concerns about potential data breaches. Remember, knowledge is power. Stay informed, stay secure. If you found this newsletter helpful, please consider sharing it with your colleagues and friends.

Let's work together to create a safer digital world. Until next time, stay vigilant and keep those systems secure.


By Secret CISO