Top Tech Headlines for September 23, 2025

Today’s cybersecurity landscape saw some major moves — from mega DDoS attacks and critical patches to a SIM farm takedown and a handy new WhatsApp feature. Here’s what you need to know to stay informed and secure.

Boyd Gaming Hit by Data Breach

Boyd Gaming, a major U.S. casino operator, has confirmed a cyberattack that allowed threat actors to access company systems and steal sensitive data — including employee information. The breach is limited in scope but still underscores growing threats to the hospitality and entertainment industries.

Emergency Patch Issued for Libraesva ESG Vulnerability

Security company Libraesva rolled out an urgent update for its Email Security Gateway platform after discovering a zero-day being exploited by likely state-sponsored hackers. If your organization uses ESG, apply patches ASAP to avoid compromise.

Cloudflare Mitigates Largest DDoS Ever at 22.2 Tbps

Cloudflare has set a new cybersecurity record after stopping a massive DDoS attack that peaked at 22.2 terabits per second. The incident shows how attackers continue ramping up scale and complexity — and why modern networks need equally powerful defenses.

CISA: Federal Hack Traced to Unpatched GeoServer

The Cybersecurity and Infrastructure Security Agency (CISA) revealed that hackers breached a federal U.S. civilian agency using an old GeoServer vulnerability. It’s a stark reminder that even niche, forgotten tools can open doors if left unpatched.

SIM Farm Near UN Summit Seized by Secret Service

The U.S. Secret Service confiscated 300 SIM servers and 100,000 SIM cards from a massive fraud operation discovered near the UN summit in NYC. The takedown might have prevented a serious national security incident aimed at government officials.

GitHub Locks Down npm with 2FA and Limited Access Tokens

GitHub is mandating two-factor authentication and seven-day token expirations for npm package publishers in response to recent supply chain attacks like “Shai-Hulud.” This move significantly tightens the security around Node.js’s most popular package ecosystem.

Malicious npm Package Fezbox Uses QR Steganography

The ‘fezbox’ npm package was caught deploying an innovative trick — hiding malware inside QR codes to steal browser cookies. It poses a striking example of modern developer-targeted threats and the importance of vetting code dependencies.

SonicWall Updates Firmware to Remove Rootkits

SonicWall has issued a firmware fix for the SMA100 series, capable of removing embedded rootkits planted during targeted attacks. If you're running these devices, this patch could be your lifeline against stealthy malware persistence.

SolarWinds Issues Urgent Patch for Critical RCE Flaw

SolarWinds has released its third hotfix to address CVE-2025-26399 — a remote code execution vulnerability affecting Web Help Desk. This time, the patch also fixes a bypass from a previously flawed update. Don’t delay remediating this one.

ShadowV2 Botnet Exploits Misconfigured Docker on AWS

The ShadowV2 botnet is exploiting leaky AWS Docker containers for large-scale DDoS-for-hire operations. Using Python-based control and Go-based malware, it adds to the growing argument for cloud-focused security hygiene.

Crypto Scam Ring Busted After €100 Million Theft

European authorities arrested five individuals connected to a fraudulent crypto investment ring that stole over €100M since 2018. The gang targeted over 100 victims across 23 countries, making it one of the largest crypto scams exposed this year.

Data Quality, Not AI Models, Drives Business Success

Martin Frederik from Snowflake emphasized that poor data — not AI models — is what’s holding businesses back from scaling artificial intelligence effectively. His insights come as more organizations pivot toward data-centric strategies for AI growth.

BadIIS Malware Targets SEO to Deploy Web Shells

A Chinese-speaking threat group is distributing the BadIIS malware via SEO poisoning, redirecting users from fake sites and planting malicious web shells. The campaign heavily targets East Asian audiences and represents a dangerous blend of search manipulation and remote access.

Cybersecurity Tips: Lean Teams Must Adapt

With lean teams and longer containment durations (up to 292 days), breaches now cost U.S. companies an average of $11 million. Cyber leaders must rethink remediation strategies and invest in scalability and automation tools to offset staffing challenges.

WhatsApp Adds Built-in Message Translation

WhatsApp’s latest update introduces built-in message translation across chats, groups, and channels for iOS and Android. Whether you're running a global team or just chatting with overseas friends, it adds a layer of convenience to your daily messaging.

Free IGA Tool Streamlines Identity Governance

Managing identities doesn’t have to break your budget. Tenfold’s free Community Edition helps teams of up to 150 users automate onboarding, conduct access reviews, and manage Microsoft 365 permissions — all without writing a line of code.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.