News – September 2025

September 24, 2025

In mid-July 2024, a threat actor managed to break into a US Federal Civilian Executive Branch (FCEB) agency by exploiting a critical remote code execution (RCE) vulnerability in GeoServer, the government has confirmed. In an in-depth report detailing the incident, the US Cybersecurity and Infrastructure Security Agency (CISA) outlined how the attackers leveraged CVE-2024-36401, a 9.8/10 ...

September 24, 2025

A person has been arrested in connection with a cyber-attack which has caused days of disruption at several European airports including Heathrow. The National Crime Agency (NCA) said a man in his forties was arrested in West Sussex “as part of an investigation into a cyber incident impacting Collins Aerospace”. There have been hundreds of flight ...

September 24, 2025

ClaimPix, a company which streamlines car insurance claims, was leaking sensitive customer data on the clearweb, including people’s phone numbers, and email addresses, an expert has warned. Security researcher Jeremiah Fowler, known for hunting down misconfigured and unprotected databases, recently found one such instance containing 5.1 million files, sharing his findings with WebsitePlanet. The archive was ...

September 24, 2025

Plainly speaking, Artificial intelligence is no longer a fringe technology. It has become a core component of modern business, from customer service chatbots to complex data analysis. We often treat the Large Language Models (LLMs) that are at the core of this technology as trusted black boxes. But like any software, they can be tampered with, ...

September 22, 2025

Security researchers have found a critical vulnerability in Microsoft Entra ID which could have allowed threat actors to gain Global Administrator access to virtually anyone’s tenant – without being detected in any way. The vulnerability consists of two things – a legacy service called “actor tokens”, and a critical Elevation of Privilege bug tracked as CVE-2025-55241. ...

September 22, 2025

Hundreds of flights across Europe were cancelled and delayed after a ‘cyber-related disruption’ meant electronic customer check-in and baggage drop was taken offline. The EU’s cybersecurity agency ENISA has confirmed the disruption was linked to a ransomware incident, but did not reveal which particular strain was to blame. “The type of ransomware has been identified. Law ...

September 22, 2025

Stellantis detected unauthorized access to a third-party service provider’s platform that supports its North American customer service operations, the company said in a statement on Sunday. The automaker said the incident, which is under investigation, exposed only basic contact information and did not involve financial details or sensitive personal data. Stellantis did not specify how many ...

September 20, 2025

Heathrow is among several European airports hit by a cyber-attack affecting an electronic check-in and baggage system. The airport warned of possible delays due to a “technical issue” affecting software provided by Collins Aerospace to several airlines. Brussels Airport said a cyber-attack on Friday night meant passengers were being checked in and boarded manually, while Berlin’s ...

September 19, 2025

WatchGuard has fixed a critical-severity vulnerability affecting its Firebox firewalls and is urging users to apply the newly released patch without hesitation. In a security advisory, the company said it addressed an out-of-bounds write vulnerability in the WatchGuard Fireware OS iked process, which “may allow a remote unauthenticated attacker to execute arbitrary code”. The vulnerability was ...

September 19, 2025

On September 18, 2025, Fortra published an advisory for CVE-2025-10035. This new vulnerability affects GoAnywhere MFT, an enterprise managed file transfer solution, and allows an attacker to achieve unauthenticated remote code execution. GoAnywhere MFT is a file transfer solution that has been exploited in-the-wild in the past. In 2023, CVE-2023-0669 was exploited in-the-wild as a zero-day, ...