Secret CISO 2/27: Nuna Baby Essentials and DecisionFi Data Breaches, Balancing Patient and Staff Experiences with Data Security, Investigations into Via Credit Union and Oral Roberts University Breaches

Welcome to today's issue of Secret CISO. We have a lot to unpack today, starting with a data breach investigation involving Nuna Baby Essentials, Inc. by Levi & Korsinsky, LLP. If you've received a data breach notification letter from Nuna, you're likely part of this investigation.

In other news, DecisionFi has sent out data breach letters following a cybersecurity incident in January 2025. The company discovered that certain files were compromised and has since filed a notice of data breach with the Attorney General of New Hampshire. We also delve into the importance of balancing patient and staff experiences with data security in the healthcare sector. Aligning security and business leaders can foster a culture of innovation and trust, enhancing security, engagement, and compliance.

In a similar vein, American Renal Management LLC is under investigation for a data breach that may have caused long-term damage. Hackers may use the stolen information to commit identity theft, underscoring the seriousness of data breaches. Via Credit Union is also under investigation for a data breach, having engaged a forensic security firm to ensure the security of its computer network. Meanwhile, the massive PowerSchool breach has affected data going back as far as 40 years; the stolen credentials behind it have had a significant impact, highlighting the importance of robust data security measures.

We also touch on the House Energy and Commerce Committee's request for feedback on incorporating data security into potential national strategies. Stay tuned for more updates on data breaches, security research, and expert features on securing passwords and endpoints in the age of AI.

Data Breaches

  1. Nuna Baby Essentials Inc. Data Breach: Nuna Baby Essentials Inc. is under investigation by Levi & Korsinsky, LLP for a data breach that could cause long-term damage to affected individuals. If you've received a data breach notification letter from Nuna, you're likely affected. Source: pahomepage.com
  2. DecisionFi Cybersecurity Incident: DecisionFi LLC filed a notice of data breach with the Attorney General of New Hampshire after discovering that certain files were compromised in a cybersecurity incident in January 2025. Source: jdsupra.com
  3. Innovative Renal Care Data Breach: American Renal Management LLC, doing business as Innovative Renal Care, is under investigation for a data breach that could cause long-term damage. Hackers may use the stolen information to commit fraudulent activities. Source: abc4.com
  4. Via Credit Union Data Breach: Via Credit Union is under investigation by Federman & Sherwood for a data breach. The credit union has engaged a forensic security firm to assist with the investigation and ensure the security of its computer network. Source: globenewswire.com
  5. Oral Roberts University Data Breach: Oral Roberts University is under investigation by Federman & Sherwood for a data breach that may have compromised sensitive personal information. The breach involved unauthorized access to certain ORU systems. Source: morningstar.com

Security Research

  1. LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows: Security researcher Amel Bouziane-Leblond discovered a flaw in LibreOffice that lets attackers run malicious files on Windows. The flaw was reported through LibreOffice's responsible disclosure channels. Source: GBHackers
  2. Securing Passwords And Endpoints In The Age Of AI: In a panel discussion, industry experts discussed the intersection of AI, passwords, and endpoint security. The conversation highlighted the importance of securing passwords and endpoints in the era of AI. Source: Information Security Buzz
  3. SquareX Aims to Redefine Cybersecurity with Browser Security: Dakshitaa Babu, Product Evangelist and Security Researcher at SquareX, explained that the company is providing the world's first browser security solution. The aim is to redefine cybersecurity by focusing on browser security. Source: IT Brief Australia
  4. Improving Threat Intelligence Collection: Senior Threat Intelligence Researcher Tammy Harper discussed the importance of building effective intelligence requirements for improving threat intelligence collection. The article provides insights into the key aspects to consider for enhancing threat intelligence. Source: ChannelE2E
  5. Hackers Steal Credit Card Data Using GTM: Security researcher Puja Srivastava reported that hackers are stealing credit card information from checkout pages using Google Tag Manager (GTM). The stolen data is then sent to an external source. Source: Direct Marketing News

Top CVEs

  1. CVE-2025-22868: A vulnerability allows an attacker to pass a malicious malformed token causing unexpected memory consumption. This could lead to a potential Denial of Service (DoS) attack. Source: CVE-2025-22868
  2. CVE-2025-22869: SSH servers implementing file transfer protocols are vulnerable to a DoS attack. Attackers can slow down or halt key exchanges, causing pending content to be read into memory but never released. Source: CVE-2025-22869
  3. CVE-2024-47051: Mautic versions before 5.2.3 have two critical security vulnerabilities that could be exploited by authenticated users. These include Remote Code Execution (RCE) via Asset Upload and Path Traversal File Deletion. Source: CVE-2024-47051
  4. CVE-2024-12434: The SureMembers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 1.10.6 via the REST API. This allows unauthenticated attackers to extract sensitive data. Source: CVE-2024-12434
  5. CVE-2022-49731: In the Linux kernel, a vulnerability has been resolved that could cause a kernel oops in the unlikely case that the 'ppi' parameter of ata_host_alloc_pinfo() points to an array starting with a NULL pointer. Source: CVE-2022-49731

API Security

  1. Incorrect Authorization Vulnerability in WSO2 Products: Multiple WSO2 products have an incorrect authorization vulnerability that allows protected APIs to be accessed directly using a refresh token instead of the expected access token. This could lead to unauthorized operations and impact data confidentiality. Source: CVE-2024-2321
  2. Linux Kernel Vulnerability: A vulnerability has been resolved in the Linux kernel that previously allowed for a NULL-pointer dereference if Hyper-V enlightenments were exposed to the guest without an in-kernel local APIC. Source: CVE-2025-21779
  3. Insecure Direct Object References in SunGrow iSolarCloud: SunGrow iSolarCloud, before the October 31, 2024 remediation, is vulnerable to insecure direct object references (IDOR) via multiple APIs, potentially exposing sensitive data. Source: CVE-2024-50693, CVE-2024-50687, CVE-2024-50686, CVE-2024-50685, CVE-2024-50689
  4. Improper Authorization in Mautic's Reporting API: An authorization vulnerability in Mautic's HTTP Basic Authentication implementation could allow unauthorized access to sensitive report data. Source: GHSA-8XV7-G2Q3-FQGC, CVE-2024-47053
  5. Sensitive Information Exposure in SureMembers Plugin for WordPress: The SureMembers plugin for WordPress is vulnerable to Sensitive Information Exposure via the REST API, allowing unauthenticated attackers to extract sensitive data. Source: CVE-2024-12434
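Two of the API items above share a fix pattern: the WSO2 issue is a resource server that never checks which kind of token it was handed, and the iSolarCloud IDORs are lookups that never check who owns the object being fetched. The following is an added illustration of the defensive side of both, not code from WSO2, SunGrow, or any other product named here. The token is represented as an already signature-verified claims dictionary, and the claim names (`token_use`, `sub`, `exp`, `scope`), the HTTP-style status codes, and the inverter records are all constructed for the example.

```python
"""Added example: an authorization gate for a protected API endpoint.

Rejects anything that is not a live access token (so a refresh token cannot be
replayed against protected resources) and enforces object ownership on direct
object references (so a valid user cannot read another user's records by id).
Claim names and records are constructed assumptions, not any vendor's schema.
"""
import time
from typing import Optional, Tuple


class AuthError(Exception):
    """Authorization failure carrying the HTTP-style status the handler returns."""

    def __init__(self, status: int, message: str) -> None:
        super().__init__(message)
        self.status = status


# Constructed sample data: objects keyed by id, each owned by exactly one user.
INVERTERS = {
    "inv-1001": {"owner": "alice", "serial": "A1B2C3"},
    "inv-1002": {"owner": "bob", "serial": "D4E5F6"},
}


def require_access_token(claims: dict, needed_scope: str,
                         now: Optional[float] = None) -> str:
    """Return the subject if `claims` is a live *access* token with `needed_scope`.

    Signature verification is assumed to have happened before this point; this
    function only decides whether the verified token may call a protected API.
    Hypothetical claim names: token_use ("access"/"refresh"), sub, exp, scope.
    """
    now = time.time() if now is None else now
    # The WSO2 class of bug: a refresh token is a credential for the token
    # endpoint only. Anything other than an access token is rejected outright.
    if claims.get("token_use") != "access":
        raise AuthError(401, "only access tokens may call protected APIs")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise AuthError(401, "token expired or missing exp")
    scopes = set(str(claims.get("scope", "")).split())
    if needed_scope not in scopes:
        raise AuthError(403, f"missing scope {needed_scope}")
    sub = claims.get("sub")
    if not isinstance(sub, str) or not sub:
        raise AuthError(401, "missing subject")
    return sub


def get_inverter(claims: dict, inverter_id: str,
                 now: Optional[float] = None) -> dict:
    """Handler for GET /inverters/{id}: token gate first, then ownership check."""
    sub = require_access_token(claims, "inverters:read", now)
    record = INVERTERS.get(inverter_id)
    # The IDOR class of bug is fixed by binding the lookup to the caller.
    # Missing and foreign objects get the same response so ids cannot be
    # enumerated by telling the two cases apart.
    if record is None or record["owner"] != sub:
        raise AuthError(404, "not found")
    return {"id": inverter_id, "serial": record["serial"]}


def authorize_request(claims: dict, inverter_id: str,
                      now: Optional[float] = None) -> Tuple[int, dict]:
    """Wrap the handler into a (status, body) pair the way a web framework would."""
    try:
        return 200, get_inverter(claims, inverter_id, now)
    except AuthError as err:
        return err.status, {"error": str(err)}


if __name__ == "__main__":
    NOW = 1_700_000_000  # fixed clock so the sample tokens are reproducible
    alice_access = {"sub": "alice", "token_use": "access",
                    "scope": "inverters:read", "exp": NOW + 600}
    alice_refresh = dict(alice_access, token_use="refresh", exp=NOW + 86_400)
    print(authorize_request(alice_access, "inv-1001", NOW))   # 200, own record
    print(authorize_request(alice_refresh, "inv-1001", NOW))  # 401, refresh token
    print(authorize_request(alice_access, "inv-1002", NOW))   # 404, bob's record
```

The ordering matters: the token-type, expiry and scope checks run before any database access, and the ownership check is part of the lookup itself rather than a filter applied afterwards, so a new endpoint cannot forget it without also losing the query.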

Sponsored by Wallarm API Security Solution

Final Words

As we wrap up today's edition of the Secret CISO newsletter, we'd like to remind you that data breaches are not just a threat but a reality that can cause long-term damage. From Nuna Baby Essentials to DecisionFi, American Renal Management, and Via Credit Union, organizations across various sectors are grappling with the aftermath of data breaches. In the healthcare sector, balancing patient and staff experiences with data security is a critical challenge. Meanwhile, the education sector is dealing with the impact of stolen credentials affecting data going back as far as 40 years. On the legislative front, the House Energy and Commerce Committee is seeking feedback on incorporating data security into potential national policies. In the world of cybersecurity research, experts are focusing on securing passwords and endpoints in the age of AI, redefining cybersecurity with browser security, and improving threat intelligence collection. In the face of these challenges, it's crucial to stay informed and proactive.

Share this newsletter with your friends and colleagues to keep them in the loop.

Remember, knowledge is power, especially when it comes to cybersecurity. Stay safe and see you in the next edition of Secret CISO.
