Simply Cyber Newsletter #132

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!

FOR END USERS

Suspected InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords. A massive database containing nearly 185 million usernames and passwords was left exposed online without any password protection or encryption. It included logins for email, social media, banks, government services, and more. The data was likely stolen using malware and could be used for fraud or identity theft.

What you need to know: Share this with your end users: Now is the time to check what you’re storing and how you’re storing it. If your email inbox is holding onto years of tax forms, account numbers, medical info, or password reminders, that data is a liability. Delete what you no longer need. Clean up sensitive messages and old attachments. If you need to keep files, store them in a secure, encrypted space instead of letting them sit in your inbox.

Take this a step further by reviewing your passwords, turning on two-factor authentication, and using a password manager if you’re not already. The less data you leave behind, the less damage someone can do if something goes wrong. Privacy isn’t just about settings, but building on great habits.

FOR PEERS

GitHub MCP Exploited: Accessing private repositories via MCP. A newly disclosed exploit shows how GitHub’s Model Context Protocol (MCP) can be abused through prompt injection. Researchers demonstrated that by submitting a crafted issue in a public repository, they could influence an LLM to read private repo content and submit it in a pull request. MCP’s design combines access, autonomous execution, and the ability to expose data.

What you need to know: If your teams are testing or using GitHub’s MCP, now is a good time to pause and reassess. Start by asking a simple question: Does everyone involved understand what MCP enables and where its boundaries are? It gives LLM agents the ability to read from private repos and take actions like submitting pull requests based on user permissions. That’s powerful but potentially risky. A prompt posted in a public space can now influence actions taken in private contexts. This isn’t just a dev tooling issue. It’s a security surface. Review what your agents can access, how prompts are validated, and whether output is being logged or monitored. The tech is moving fast. Our controls need to catch up with it.

FOR EXECUTIVES

Cyber Attack Surge Creates Opportunity for Insurers, Prompts Rethink on Premiums. Cyberattacks are on the rise again, and the insurance market is shifting in response. Major breaches like the recent M&S hack have triggered a surge in demand for coverage, while global cyber losses hit $9.5 trillion in 2024. Insurers are adjusting premiums, tightening policies, and reassessing risk across the board.

What you need to know: This isn’t a call to act out of urgency but a moment to plan with intention. Cyber insurance is becoming harder to secure on favorable terms, and that shift will affect how businesses approach budgets, controls, and risk tolerance. If your coverage hasn’t been reviewed recently, this is a good time to start that conversation. Remember, not every change needs to happen this quarter. Maturity in this space doesn’t build itself and when the market hardens, it pays to have laid the groundwork. Connect with your security and risk leaders now. Ask what insurers are starting to expect as minimum standards. Look at what posture will earn you better coverage next year, not just what gets you through renewal today. The work starts early, and it starts with alignment.

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Find more about what’s happening this week in the Simply Cyber community, below. Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Thank you and see you again next week, #TeamSC!

Gerry

SIMPLY CYBER MEDIA GROUP PODCAST LINEUP

Simply Cyber Media Group presents our family of cybersecurity podcasts streaming Mon/Wed/Thu mornings at 9:30 AM Eastern. More podcasts coming in Q3 2025!

• Simply Defensive - Mondays

• Simply ICS Cyber - Wednesdays (Bi-weekly)

• 2 Cyber Chicks - Wednesdays (Bi-weekly)

• Cybersecurity Mentors Podcast - Thursdays

Visit youtube.com/@SimplyCyber/podcasts to explore and learn more!

SIMPLY CYBER FIRESIDES🔥

Thursday, June 5 at 4:30 PM EDT - The Recovering CISO: Lessons from Politics, Lockpicking, and Global Threat Intelligence

Join us for another episode of Simply Cyber Firesides 🔥 with host Gerald Auger, Ph.D. as we sit down with cybersecurity veteran Mick Baccio. Get ready for an insightful conversation about leadership, resilience, and the evolving landscape of threat intelligence.

In this candid fireside chat, we'll explore Mick's unique journey from the White House to presidential campaign cybersecurity, and how his diverse experiences have shaped his approach to modern security operations. From high-stakes incident response to the art of lockpicking, discover how unconventional perspectives can drive innovation in cybersecurity leadership.

Set your notifications to attend and bring your questions to ask in live chat!

SC MEDIA GROUP WEEKLY EVENTS SCHEDULE

SC ACADEMY THE PLACE FOR CYBER CAREERS

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.

Check out the NEW FREE courses available in the academy and our new blog!