Top Tech Headlines – September 19, 2025

Today’s tech news is packed with major AI upgrades, critical cybersecurity alerts, and fresh developments in the world of gaming and ransomware. From Microsoft's AI-based Gaming Copilot to ongoing phishing waves and high-severity exploits, here's what you need to know on September 19, 2025.

🎮 Microsoft Debuts Gaming Copilot on Windows 11

Microsoft is launching its new AI-driven assistant, Gaming Copilot, in beta on Windows 11. The tool provides real-time answers and suggestions during gameplay, like tips, mission guides, and more. It's currently available for users 18 and older—except those in mainland China.

Key takeaway: AI is reshaping the gaming experience, helping players through smoother, smarter play sessions.

🚨 FBI Warns of Fake Crime Reporting Portals

Cybercriminals are impersonating the FBI’s Internet Crime Complaint Center website (IC3) to launch malicious campaigns. The FBI cautions users to verify URLs and avoid submitting personal data to unverified domains.

Key takeaway: Always double-check URLs when reporting crimes—it’s now a phishing vector too.

🛡️ CISA Uncovers Malware Behind Ivanti EPMM Exploits

CISA released an analysis of malware kits used in recent attacks targeting Ivanti Endpoint Manager Mobile (EPMM). Two major vulnerabilities—CVE-2025-4427 and CVE-2025-4428—are being actively exploited, allowing remote code execution on vulnerable systems.

Key takeaway: Patch Ivanti systems immediately and review your logs for signs of intrusion.

⚠️ Fortra Issues Emergency Patch for GoAnywhere Exploit

Fortra has just patched a CVSS 10.0-rated vulnerability in GoAnywhere MFT’s License Servlet, which allowed command injection. Users are urged to upgrade to version 7.8.4 right away to prevent remote exploitation.

Key takeaway: Don’t delay this one—it's a critical, potentially dangerous flaw in widespread file transfer software.

🧨 Ransomware Defenses See Alarming Drop

The Picus Blue Report for 2025 reveals concerning trends: ransomware prevention has dropped to just 62%, and only 3% of data exfiltration attempts were successfully blocked. Attackers are adapting faster than defense mechanisms can cope.

Key takeaway: Ransomware isn't going away—ensure you're equipped with backups and offline response tools.

🕹️ Steam Ends Support for 32-Bit Windows in 2026

Valve confirmed that Steam will no longer run on 32-bit versions of Windows starting January 2026. Users on older systems will need to upgrade their OS or switch platforms if they want to continue gaming.

Key takeaway: Legacy systems are losing support—use a bootable USB to install and upgrade to modern OS versions.

💬 GPT Go Expanding Beyond India

OpenAI's budget-friendly GPT Go plan, priced at just $4/month, is rolling out to more regions beyond India. The plan offers cost-effective access to language models, opening doors for more AI adoption globally.

Key takeaway: Affordable AI tools are on the rise—watch for expansion in your region soon.

🔍 OpenAI Challenges Google with Smarter ChatGPT Search

ChatGPT’s built-in search function now delivers more accurate, real-time results—putting it in closer competition with Google’s AI-powered search. This marks a step forward in hybrid search and chatbot integration.

Key takeaway: Traditional search is getting a serious AI upgrade—changing how we find information online.

🌐 TechEx Europe Gathers AI and Cybersecurity Leaders

TechEx Europe 2025 kicks off in Amsterdam this month with over 8,000 attendees and 250+ expert speakers. Covering AI, cybersecurity, IoT, and more, this event is the place for forward-thinking tech leaders.

Key takeaway: Innovation and practical AI insight converge in a major way—perfect for professionals staying ahead of the curve.

🔒 Software Bill of Materials: A Must for Digital Resilience

Experts continue to emphasize that software bills of materials (SBOMs) are crucial for tracing vulnerabilities and improving security transparency. As software supply chain attacks rise, SBOMs act as a digital roadmap for resilience.

Key takeaway: Knowing what's in your software matters more than ever—SBOMs are becoming a cybersecurity standard.

❗ Cyber Resilience Act Still Unknown to Most Companies

Despite its upcoming implementation, almost two-thirds of companies remain unaware of the EU’s Cyber Resilience Act. This regulation will require better security posture and product transparency for connected devices.

Key takeaway: Get informed and compliant before regulations tighten in 2026.

💸 PayPal USD Stablecoin Comes to TRON

PayPal’s stablecoin, PYUSD, is now live on the TRON blockchain through Stargate Hydra and LayerZero’s OFT standard. This enhances cross-chain functionality and lowers transaction costs.

Key takeaway: PayPal’s move is a big step for blockchain interoperability and global crypto adoption.

⚙️ Dell and NVIDIA Unite to Scale Enterprise AI

Dell’s new Data Platform, built with NVIDIA, offers companies an infrastructure to move beyond AI pilots and implement scalable machine learning solutions. The platform focuses on unifying data access and compute power.

Key takeaway: Enterprises are maturing their AI usage—and the hardware to support it is catching up fast.

🇬🇧🇺🇸 US & UK Sign Tech Deal as Trump Makes AI Joke

During a diplomatic visit, Donald Trump and UK’s Keir Starmer signed the "Tech Prosperity Deal" for international tech cooperation. While Trump joked about AI, the agreement is expected to boost cross-border innovation.

Key takeaway: Political alliances are shaping the future of AI and tech policy in both markets.

📡 UNC1549 Strikes Telecoms with LinkedIn Lures

An Iranian APT group, UNC1549, used LinkedIn job offers and MINIBIKE malware to infiltrate 11 telecom firms, compromising over 34 devices. The attacks leveraged Azure-hosted infrastructure to maintain control.

Key takeaway: Human targeting and cloud abuse remain dominant attack vectors—training and vigilance are essential.

🤖 REM Proxy Botnet Infects 1,500 VPS Daily

The SystemBC-powered REM Proxy botnet exploits up to 1,500 virtual servers daily, with 40% of targets remaining unpatched for over a month. It operates across 80 active command-and-control (C2) servers.

Key takeaway: Routine patching is crucial—unpatched systems are sitting ducks for botnets.

🎯 Phishing-as-a-Service Fuels Global Credential Theft

A surge of 17,500 phishing domains has targeted 316 global brands using PhaaS kits, resulting in a 25% rise in email credential theft across 74 countries. Brands and ISPs are being overwhelmed by automation-scale attacks.

Key takeaway: Email remains an attacker’s playground—educate staff and protect credentials.

🧠 Automating Security Response with AI Agents

A new workflow from Tines shows how AI can automate triage and incident response using Confluence SOPs. The result? Faster mean time to response (MTTR) and better consistency under pressure.

Key takeaway: AI isn’t just for chat—it's transforming how SOC teams handle incidents.

☠️ Russian Hackers Jointly Attack Ukraine with Kazuar

Gamaredon and Turla—two notorious Russian state-linked hacker groups—collaborated to deploy the Kazuar backdoor in Ukraine. ESET's analysis links the operation to Russian FSB efforts from February 2025.

Key takeaway: Espionage campaigns are growing in sophistication—the geopolitical cyber battleground is real.

👥 Two UK Teens Arrested in Scattered Spider Ransomware Case

Law enforcement in the UK arrested two teens tied to the Scattered Spider ransomware gang, responsible for high-profile attacks including one on Transport for London. They now face U.S. extradition on fraud charges.

Key takeaway: Age doesn’t equal innocence—youth-led cybercrime is seriously on the radar.

Want