Secret CISO 3/9: USAA, NTT, Bank of America, Rite Aid Breaches; Domain-Specific LLMs, Cybersecurity in Travel, Bluetooth Backdoor Research

Welcome to today's issue of Secret CISO. We're diving deep into the world of cybersecurity, starting with a look at domain-specific LLMs and their potential to revolutionize security operations centers.

But it's not all high-tech solutions today - we're also covering the human side of security, with a spotlight on the rising reports of internet fraud in New York. Data breaches continue to make headlines, with USAA customers urged to act fast to claim their share of a $3.25 million settlement. Meanwhile, Japanese Telecom Giant NTT is grappling with the fallout of a data breach impacting 18,000 companies. In the retail sector, Rite Aid is handing out a whopping $6.8 million to customers after a massive data breach. And Bank of America is warning customers about a potential data breach that could expose sensitive information. We're also highlighting the importance of cloud security, with a feature on the critical role of a Cloud Security Architect at the Legal Aid Society. And we're exploring the challenges of cybersecurity in the travel industry, where protecting sensitive customer data is paramount.

Finally, we're rounding up the latest vulnerabilities and security research, including an undocumented "backdoor" found in a Bluetooth chip used by a billion devices. Stay tuned for all this and more in today's Secret CISO.

Data Breaches

  1. USAA Data Breach Settlement: USAA customers affected by a 2021 data breach must file a claim by April 7 to receive a share of a $3.25 million settlement. The breach exposed customers' personal information, leading to a class-action lawsuit. Source: Hoodline and Blavity.
  2. NTT Data Breach: Japanese telecom giant NTT suffered a data breach impacting 18,000 companies. The breach was detected on February 5, with potential data leakage confirmed the following day. Source: The420.in.
  3. Bank of America Data Breach: Bank of America has warned a small group of customers about a potential data breach that could expose sensitive customer data, including Social Security numbers and IDs. The breach occurred due to a third-party document destruction blunder. Source: Daily Hodl.
  4. Rite Aid Data Breach: Retail pharmacy giant Rite Aid is handing out a $6.8 million settlement to 2.2 million customers affected by a massive data breach. The breach was triggered by hackers from the RansomHub group. Source: Daily Hodl and Benzinga.
  5. Browser Extensions Security Breach: Over 3.2 million web users were affected by a security breach involving malicious browser extensions. The breach exposed users' data, highlighting the potential risks of browser add-ons. Source: Fox News.

Security Research

  1. Honoring Women in Cyberspace 2025: Future Crime Research Foundation Celebrates: The Future Crime Research Foundation is celebrating women pioneers in cybersecurity and digital forensics. Shikha Goel, IPS, DGP CID, Women Safety Wing, Director TG Cyber Security Bureau & TG FSL, has been leading the fight against cybercrime. Source: The420.in
  2. Lumma Stealer Launch "Click Fix" Style Attack via Fake Google Meet & Windows Update Sites: Security researchers from Comodo Cybersecurity have discovered a new attack style launched by Lumma Stealer. The attack is disguised as a "Click Fix" prompt on fake Google Meet and Windows Update sites. Source: Cyber Security News
  3. Kernel saunters – How Apple rearranged its XNU kernel with exclaves: A security researcher, Random Augustine, has explored how Apple has rearranged its XNU kernel with exclaves. This rearrangement is a significant development in Apple's security measures. Source: The Register
  4. Faced with Russia, EU's defense must include Turkiye: IISS expert Tom Waldyn and independent researcher Nebahat Tanriverdi Yasar argue that the EU's defense strategy must include Turkey, especially considering the current security situation with Russia. Source: Arab News
  5. Turkey seeks greater role in European security as US shifts focus: As the US shifts its focus, Turkey is seeking a greater role in European security. IISS expert Tom Waldyn suggests that Turkey's strategic location makes it a crucial player in the Atlantic Alliance's security. Source: Turkish Minute

Top CVEs

  1. CVE-2024-13908: The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation. This allows authenticated attackers with Administrator-level access to upload arbitrary files on the server, potentially leading to remote code execution. Source: CVE-2024-13908.
  2. CVE-2025-1325: The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to arbitrary shortcode execution due to a missing capability check. This allows authenticated attackers with Subscriber-level access to execute arbitrary code. Source: CVE-2025-1325.
  3. CVE-2024-13882: The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation. This allows authenticated attackers with Contributor-level access to upload arbitrary files on the server, potentially leading to remote code execution. Source: CVE-2024-13882.
  4. CVE-2025-0177: The Javo Core plugin for WordPress is vulnerable to privilege escalation due to allowing users registering new accounts to set their own role. This allows unauthenticated attackers to gain elevated privileges by creating an account with the administrator role. Source: CVE-2025-0177.
  5. CVE-2024-10321: The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure. This allows authenticated attackers with Contributor-level access to extract sensitive private, pending, and draft template data. Source: CVE-2024-10321.

Final Words

And that's a wrap for today's edition of Secret CISO. We've delved into the world of domain-specific LLMs, data breaches, and the importance of cybersecurity in our increasingly digital world. Remember, staying informed is the first step in staying secure.

If you found this newsletter helpful, why not share it with your colleagues and friends?

Let's spread the knowledge and help create a safer digital environment for everyone. Stay safe, stay informed, and see you in the next edition of Secret CISO.
