Top Tech Headlines for August 13, 2025

It's been a busy day in the world of tech and cybersecurity. From AI disruptions to critical software vulnerabilities, today’s stories are all about staying alert and staying patched. Here’s everything you need to know to stay informed—and protected.

OpenAI Relaxes GPT-5 Rate Limits and Brings Back Confusing Models

OpenAI is dialing back restrictions on GPT-5 usage but admits that its latest rollout brought back a confusing array of models like o3 and o4-mini. The team also promises improvements to GPT-5's "personality," which some users found too passive. While flexibility is good, messy model naming has developers scratching their heads again.

Fortinet Warns of Severe FortiSIEM Flaw with Active Exploits

Fortinet has identified a critical pre-auth remote code execution vulnerability (CVE-2025-25256) in FortiSIEM, scoring a 9.8 on the CVSS scale. What's worse? It's already being actively exploited. Admins should patch immediately to ward off potential breaches.

Massive Brute-Force Surge Targets Fortinet VPNs and FortiManager

Security researchers are alarmed by a sharp increase in brute-force attacks targeting Fortinet SSL VPNs and, more recently, FortiManager. These coordinated shifts are often precursors to zero-day disclosures, raising concerns across enterprise networks.

New Downgrade Attack Targets Microsoft Entra ID

Researchers have uncovered a downgrade attack that circumvents FIDO authentication in Microsoft Entra ID. The exploit tricks users into using weaker login methods, making phishing attacks and session hijacking far more likely. This highlights the need for strict access policies and continual user education.

Pennsylvania Attorney General’s Office Hit by Cyberattack

A major cyberattack has disrupted the Pennsylvania Attorney General’s communication systems, including emails and landlines. The scale and specifics of the breach are still under investigation, but it’s another example of rising threats to public sector infrastructure.

Windows 11 24H2 Update Issues Continue with Error 0x80240069

The KB5063878 cumulative update for Windows 11 24H2 is failing to install on several devices. Admins report error 0x80240069 as they scramble for workarounds. Microsoft has yet to offer a permanent fix.

Microsoft Drops PowerShell 2.0—Finally

Just in time with August, Microsoft has officially removed PowerShell 2.0 from Windows 11 and Windows Server. Long deprecated and a known security risk, PowerShell 2.0 will no longer be included, aligning with current secure scripting practices.

Certificate Enrollment Errors? Microsoft Says Ignore Them

Users seeing strange CertEnroll errors after the July preview update and Windows 11 24H2 installs can rest easy—sort of. Microsoft says these errors are benign and can be safely disregarded. Still, some admins are side-eyeing this advice.

Zoom and Xerox Patch Critical Vulnerabilities

Zoom and Xerox have rolled out patches for critical privilege escalation and remote code execution vulnerabilities. Without these fixes, attackers could seize control of affected systems. Update these applications ASAP if you haven’t already.

PS1Bot Malware Campaign Hacks Through Malvertising

PS1Bot is using malvertising to launch in-memory PowerShell attacks—a stealthy method allowing cybercriminals to slip under traditional detection. The malware has been active since early 2025. Protecting endpoints with live detection tools is crucial.

Microsoft’s August Patch Tuesday Fixes 111 Bugs, Including Kerberos Zero-Day

This month's Patch Tuesday fixed 111 vulnerabilities, including a serious Kerberos flaw dubbed "BadSuccessor" that could allow full Active Directory compromise. Enterprises are urged to prioritize this fix immediately to shore up domain-level defenses.

Charon Ransomware Hits Middle East Targets with Advanced Techniques

APT-level tactics are being leveraged by Charon ransomware as it spreads across the Middle East. Known for rapid encryption and difficult recovery paths, this campaign showcases today's evolving ransomware landscape.

Anthropic Shares Claude’s Safety Framework

AI safety is top-of-mind for Anthropic, who outlined their methods to make Claude smarter and less harmful. Their framework addresses misinformation and bias—key challenges as AI adoption accelerates.

Inworld Launches AI Toolkit Inspired by Disney, Xbox Projects

Inworld has opened access to its internal AI Runtime toolkit, making tools used in Disney and Xbox projects available to all developers. With a focus on character and narrative AI, it’s a creative leap for developers in gaming and storytelling.

StudyPro Among Top AI Writing Tools for August 2025

StudyPro is being praised as a top AI tool for students and academics, thanks to its structured approach and context-aware generation engine. Unlike general-purpose AI, it’s designed to follow directions precisely and avoid hallucinations—a must for reliable writing assistance.

Go Language 1.25 Boosts Performance and Tooling

The latest release of Go has developers excited, with version 1.25 bringing performance enhancements and better tooling. This update is a win for speed and simplicity in backend and systems programming.

Bitwarden’s MSP Program Proves Popular

MSPs are embracing Bitwarden’s password manager for its flexibility in hosting and strong MFA support. With increasing demands for secure credential storage, Bitwarden’s customizable model is appealing to IT providers and managed service environments.

Post-Quantum Cryptography Workbook Released for Enterprises

A new industry workbook has been released to help security teams prepare for the era of post-quantum cryptography. It provides strategies for inventorying algorithms and developing migration plans before quantum computing disrupts current standards.

Huawei’s Open-Source CANN Toolkit Challenges NVIDIA’s CUDA

Huawei has open-sourced its CANN AI toolkit in a bid to challenge the CUDA monopoly. While adoption may take time, this move could reshape GPU development and give developers more options outside the NVIDIA ecosystem.

AI-Powered SOCs Transform Security Playbooks

AI Security Operations Centers (SOCs) are gaining traction for their ability to cut dwell time and auto-triage incidents. With mounting cyber threats, automation is proving essential to reduce human error and alert fatigue.

Webinar Looks at the Next Wave of AI Cyberattacks

A fresh webinar dives into the evolving threat landscape of AI-driven cyberattacks, covering tactics like deepfakes and identity spoofing. The key takeaway: identity management is your frontline defense as traditional systems start to fall behind.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.