Secret CISO 3/3: Singapore's HomeTeamNS Ransomware Attack, Bitcointry Token Security Breach, New Malware Exploiting Fake Updates, EDPB Guidelines on Pseudonymisation

Welcome to today's issue of Secret CISO, your daily dose of cybersecurity insights. Today, we're counting down to the new EDPB guidelines on pseudonymisation, a crucial step in ensuring data protection compliance under Article 25 GDPR. In the spotlight are Security magazine's Top Cybersecurity Leaders of 2025, who are setting the pace in the information security landscape. But as we celebrate these leaders, we also delve into the dark side of cybersecurity, exploring the rise of new malware that exploits fake updates to steal data.
We also bring you news of a ransomware attack on Singapore's HomeTeamNS and a security breach involving Bitcointry Token (BTTY), highlighting the ever-present threat of cyber attacks. In the cloud space, we discuss the increasing frequency of cloud attacks and the prevalence of cloud-stored data breaches. We also look at the urgent need for stronger security measures in the telecommunications sector. In the AI realm, we explore how cybersecurity and AI are helping producers become safer and more profitable. And in the legal world, we investigate claims in the Zacks Investment Research data breach.
Finally, we examine the risk to MSPs from data breach lawsuits and the public safety failures in Minneapolis. Stay tuned for more updates and remember, knowledge is the best defense against cyber threats. Stay informed, stay secure.
Data Breaches
- New Malware Exploits Fake Updates to Steal Data: Cybersecurity researchers have discovered a new malware that exploits fake updates to steal data. The malware has been observed in infostealer logs, in which 3.9 billion credentials have been circulating. Infostealer malware is known for its data theft capabilities. Source: CyberGuy
- Singapore's HomeTeamNS Hit by Ransomware Attack: HomeTeamNS, a Singaporean organization, has been targeted in a ransomware attack. The organization is working closely with cybersecurity experts to mitigate the impact and protect stakeholders' personal data. Source: Computer Weekly
- Bitcointry Token (BTTY) Security Breach: A security breach involving Bitcointry Token (BTTY) has raised alarms for investors. Such incidents often lead to immediate sell-offs and significant financial losses. Source: TradingView News
- Automation Platform Zapier Breach May Expose Customer Data: A data breach at automation platform Zapier may expose customer data. The breach resulted from a misconfiguration of two-factor authentication (2FA) on an employee's account. Source: Tech in Asia
- Qilin Ransomware Gang Claimed Responsibility for the Lee Enterprises Attack: The Qilin ransomware group has claimed responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The impact of the breach is still being assessed. Source: Security Affairs
Security Research
- Xerox Printer Security Risk: Security researchers have discovered two vulnerabilities in Xerox VersaLink MFP printers that could be exploited in "pass-back" attacks to steal login credentials. These flaws pose a significant security risk, potentially allowing hackers to infiltrate systems through these printers. Source: MSN
- Security Challenges in Healthcare: The healthcare sector faces unique security challenges, as discussed by Australian cybersecurity expert Emile Barakat. The discussion focuses on the current trends and potential predictions for 2025, highlighting the importance of robust cybersecurity measures in healthcare. Source: SC Media
- Speedrunners as Vulnerability Researchers: Speedrunners, individuals who aim to complete video games as quickly as possible, are being likened to vulnerability researchers. Their ability to find and exploit game mechanics for speed could be compared to security research, albeit in a different context. Source: Hacker News
- Pentagon's Minerva Research Initiative: The Pentagon has significantly reduced the Minerva Research Initiative, a program that harnessed social science to study violent extremism, disinformation, and threats from climate change. This move could potentially impact national security research. Source: Science.org
- Apple's Security Tool Axing: Apple's decision to remove a top security tool is described as "fairly unprecedented" by technology expert Will Guyatt. This move marks a significant shift in how UK users' cloud-stored data will be protected, prompting users to take additional measures to secure their data. Source: MSN
Top CVEs
- CVE-2024-36353: Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read leftover memory values, potentially leading to data loss. This vulnerability is critical and requires immediate attention. Source: CVE-2024-36353
- CVE-2025-1819: A critical vulnerability was found in Tenda AC7 1200M 15.03.06.44. The function TendaTelnet of the file /goform/telnet is affected. The manipulation of the argument lan_ip leads to OS command injection. The exploit has been publicly disclosed. Source: CVE-2025-1819
- CVE-2025-0895: IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device to obtain sensitive information from debugging code log. This vulnerability is critical and requires immediate attention. Source: CVE-2025-0895
- CVE-2025-1831: A critical vulnerability has been found in zj1983 zz up to 2024-8. The function GetDBUser of the file src/main/java/com/futvan/z/system/zorg/ZorgAction.java is affected. The manipulation of the argument user_id leads to SQL injection. The exploit has been publicly disclosed. Source: CVE-2025-1831
- CVE-2025-1829: A critical vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. The function setMtknatCfg of the file /cgi-bin/cstecgi.cgi is affected. The manipulation of the argument mtkhnatEnable leads to OS command injection. The exploit has been publicly disclosed. Source: CVE-2025-1829
API Security
- CVE-2025-25953 - Azure JWT Access Token Exposure in Serosoft Solutions' Academia SIS EagleR v1.0.118: This vulnerability allows authenticated attackers to escalate privileges and access sensitive data due to an exposed Azure JWT access token. Serosoft Solutions is urged to address this issue to prevent potential data breaches. Source: Vulners.
- CVE-2025-25952 - IDOR Vulnerability in Serosoft Solutions' Academia SIS EagleR v1.0.118: An Insecure Direct Object References (IDOR) vulnerability in the component /getStudemtAllDetailsById?studentId=XX allows attackers to access sensitive user information via a crafted API. Serosoft Solutions needs to address this security flaw to protect user data. Source: Vulners.
- CVE-2025-27579 - CSRF Attack Vulnerability in Bitaxe ESP-Miner: In Bitaxe ESP-Miner before 2.5.0 with AxeOS, an attacker can use a CSRF attack via /api/system to update the payout address for a Bitaxe Bitcoin miner, or change the frequency and voltage. Bitaxe is advised to patch this vulnerability to secure its users' mining operations. Source: Vulners.
Final Words
As we wrap up today's edition of Secret CISO, we're reminded that the world of cybersecurity is ever-evolving. From the countdown to the new EDPB guidelines on pseudonymisation to the alarming security breach involving Bitcointry Token, it's clear that staying informed is our best defense. We've also seen how new malware exploits fake updates to steal data, and how even the most secure organizations, like Singapore's HomeTeamNS, can fall victim to ransomware attacks. But it's not all doom and gloom. We've also highlighted the accomplishments of visionary information security leaders who are paving the way for a safer digital future.
Remember, cybersecurity isn't just about protecting our systems; it's about safeguarding our businesses, our data, and ultimately, our lives. So, let's continue to learn, share, and grow together in this journey.
Stay safe, stay informed, and see you in the next edition of Secret CISO!