Secret CISO 4/6: Hong Kong AI data breaches, Tasmanian Government targeted by Russian hackers, 'A Minecraft Movie' security breach, Capital One data exposure

Welcome to today's issue of Secret CISO, your daily dose of the most impactful cybersecurity news. Today, we're diving into a series of data breaches and security lapses that have been making headlines.
First up, Hong Kong firms are being warned about the potential risks of data breaches when using generative artificial intelligence. Privacy Commissioner Ada Chung is pushing for AI guidelines to prevent such leaks. In the US, over 14,000 individuals have been affected by a county data breach, with notices currently being sent out. Meanwhile, the Tasmanian Government has suffered a data breach, with hackers accessing personal information. This follows a significant breach in 2023 when Russian hackers targeted the government-contracted data service, GoAnywhere.
In entertainment news, an unfinished cut of 'A Minecraft Movie' has been leaked online due to a security breach. This wasn't a case of a movie being recorded in a theater and then leaked online, but rather a security breach in the movie's production. In the world of academia, University of Buffalo alumni are speaking out on privacy violations, accessibility failures, and the mishandling of a digital services migration. This follows a data breach that exposed sensitive information for some alumni.
In Australia, superannuation groups are being accused of resisting efforts to lift security before a significant hack. A representative of the Association of Superannuation Funds of Australia told a consumer advocate that stronger protections would put “too much pressure” on the funds. Lastly, in the wake of budget cuts, the U.S. Department of Education has suspended certain security measures, leading to concerns about increased cyberattacks against schools.
Stay tuned for more updates and remember, knowledge is the first line of defense in cybersecurity. Stay safe out there!
Data Breaches
- Hong Kong AI Data Leaks Warning: Privacy Commissioner Ada Chung has cautioned Hong Kong firms utilizing generative artificial intelligence about the potential risk of data breaches. Source: RTHK
- County Data Breach Affecting 14,081 Individuals: A significant data breach has impacted 14,081 individuals in Hamilton County, with notices currently being sent out. Source: Chattanoogan.com
- Tasmanian Government Data Breach: Personal information has been accessed by hackers in a data breach involving the Tasmanian Government. This follows a more significant breach in April 2023 when Russian hackers targeted the government-contracted data service GoAnywhere. Source: Pulse Tasmania
- 'A Minecraft Movie' Online Leak: An unfinished cut of 'A Minecraft Movie' was leaked online due to a security breach, rather than being filmed in a movie theater. Source: Deadline
- Capital One Data Breach: Thousands of Americans had their personal information, including credit card numbers and transaction history, exposed in a data breach involving banking giant Capital One. The breach occurred between August 11, 2022. Source: Daily Hodl
Security Research
- Cellphone Surveillance Explained - Stingray/IMSI Catchers: This research provides an in-depth analysis of Stingray/IMSI Catchers, devices used for cellphone surveillance. The study highlights the potential privacy concerns and legal implications associated with their use. Source: YouTube
- Sec-Gemini v1 - Google Released a New AI Model for Cybersecurity: Google's Threat Research Labs have released a new AI model, Sec-Gemini v1, aimed at enhancing cybersecurity. The model is expected to revolutionize threat detection and response. Source: Cyber Security News
- Analysis of the impact of urban security policies on lone wolf terrorism threats in the European Union: This research evaluates the effectiveness of preventive security strategies in major European cities against lone wolf terrorism threats. It provides insights into the implementation and impact of these strategies. Source: ResearchGate
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws: Microsoft has credited EncryptHub, a hacker responsible for over 618 breaches, for disclosing security flaws in Windows. This highlights the increasing trend of ethical hacking and its role in enhancing cybersecurity. Source: The Hacker News
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages: North Korean hackers have been found to deploy BeaverTail malware through 11 malicious npm packages. The research underscores the need for robust security measures in software supply chains. Source: The Hacker News
Top CVEs
- CVE-2025-32360 - Information Exposure in Zammad: In Zammad 6.4.x before 6.4.2, there is information exposure where logged-in customers could see and manipulate details about shared drafts for their customer tickets in the browser console. This could potentially lead to the exposure of confidential information. Source: CVE-2025-32360
- CVE-2025-32357 - Unauthorized Knowledge Base Access in Zammad: In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions could use the Zammad API to fetch knowledge base content that they do not have permission to access. Source: CVE-2025-32357
- CVE-2024-56370 - Insecure Random Number Generation in Net::Xero: Net::Xero 0.044 and earlier for Perl uses the rand() function, which is not cryptographically secure, as the default source of entropy for cryptographic functions. This could potentially lead to the exposure of sensitive information. Source: CVE-2024-56370
- CVE-2024-57868 - Insecure Random Number Generation in Web::API: Web::API 2.8 and earlier for Perl uses the rand() function, which is not cryptographically secure, as the default source of entropy for cryptographic functions. This could potentially lead to the exposure of sensitive information. Source: CVE-2024-57868
- CVE-2024-58036 - Insecure Random Number Generation in Net::Dropbox::API: Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function, which is not cryptographically secure, as the default source of entropy for cryptographic functions. This could potentially lead to the exposure of sensitive information. Source: CVE-2024-58036
API Security
- Broken Link Checker by AIOSEO Vulnerability (CVE-2025-1264): The Broken Link Checker by AIOSEO plugin for WordPress is susceptible to SQL Injection through the 'orderBy' parameter in all versions up to 1.2.3. This vulnerability allows authenticated attackers with Contributor-level access to append additional SQL queries, potentially extracting sensitive information. Source: CVE-2025-1264
- Zammad Information Exposure (CVE-2025-32360): In Zammad 6.4.x before 6.4.2, there is an information exposure issue. Logged-in customers were able to see and manipulate details about shared drafts for their customer tickets in the browser console, potentially exposing confidential information. Source: CVE-2025-32360
- Zammad Client-Side Enforcement of Server-Side Security (CVE-2025-32359): In Zammad 6.4.x before 6.4.2, there is a flaw in the enforcement of server-side security. Users are required to re-authenticate with their current password when changing their two-factor authentication configuration. However, this requirement was only enforced at the front-end level and not when using the API. Source: CVE-2025-32359
- Zammad Knowledge Base Permissions (CVE-2025-32357): In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions could use the Zammad API to fetch knowledge base content that they do not have permission to access. Source: CVE-2025-32357
- Web::API Cryptographic Weakness (CVE-2024-57868): Web::API 2.8 and earlier for Perl uses the rand() function, which is not cryptographically secure, as the default source of entropy for cryptographic functions. This could potentially lead to insecure cryptographic operations. Source: CVE-2024-57868
Sponsored by Wallarm API Security Solution
Final Words
And that's a wrap for today's edition of Secret CISO. We've covered a wide range of topics, from the push for AI guidelines to prevent data leaks to the latest data breaches affecting various sectors. It's clear that the need for robust cybersecurity measures is more critical than ever. Remember, staying informed is the first step towards ensuring your organization's security.
Share this newsletter with your colleagues and friends to help them stay updated on the latest in cybersecurity. Stay safe, stay secure, and keep an eye out for tomorrow's edition of Secret CISO.