Top Tech Headlines for September 1, 2025
From state-sponsored cyberattacks to shifting mobile tech and underperforming security tools, today’s tech news reveals both innovation and cybersecurity friction. Here’s what you need to know to stay sharp, secure, and one step ahead.
Zscaler Confirms Breach Tied to Salesforce Compromise
Cybersecurity firm Zscaler disclosed a breach involving unauthorized access to its Salesforce environment via compromised third-party integrations like Salesloft and Drift. The attackers accessed customer case data, though no malware deployment was reported. This event underscores the rising value of SaaS platforms as attack vectors and the need for tighter third-party security controls.
Amazon Disrupts Russian APT29 Attack on Microsoft 365
Amazon took action against Midnight Blizzard (APT29), a Russian state-sponsored hacking group attempting to breach Microsoft 365 accounts through cloud infrastructure. The attack was aimed at stealing sensitive information via credential theft and API abuse. Timely disruption prevented widespread damage—an important reminder that vigilance across platforms is vital.
Slow eSIM Adoption Still Blocking Global Mobile Connectivity
Despite years of promise, eSIM rollout remains slower than expected, delaying the benefits of seamless mobile connectivity, global roaming, and reduced reliance on physical SIM cards. Regulatory hesitations and lackluster telecom readiness are among the culprits. Solving these problems could unlock a more fluid, borderless mobile experience.
Android Droppers Now Deliver More Than Banking Malware
Android "dropper" malware has evolved beyond banking trojans to distribute SMS stealers and spyware. These attacks, often bundled into fake financial apps, are actively evading Google Play Protect in countries like India. Android users should be cautious of installs outside trusted sources and consider multi-layered mobile security.
Weekly Cybersecurity Recap: WhatsApp 0-Day, Docker Bugs, and Spyware Alerts
This week’s security recap includes a WhatsApp 0-day vulnerability, a critical Docker privilege escalation flaw, and new spyware activity. A breach at Salesforce and phishing campaigns using fake CAPTCHAs also made headlines. Rapid response and layered defense are clearly the name of the game.
When Your Browser Becomes the Frontline: Scattered Spider’s New Trick
Security experts are warning about browser-based application attacks, with 80% of incidents now involving browser sessions or APIs. Attackers like Scattered Spider are exploiting session hijacks and application logic flaws to sidestep traditional endpoint defenses. If your browser isn’t protected, your system might be wide open.
ScarCruft Targets Korean Academics with RokRAT Malware
The North Korea-linked group ScarCruft has launched "Operation HanKook Phantom," using well-crafted spearphishing emails and RokRAT malware to spy on South Korean academics. This operation reflects a growing trend in intelligence-driven cyberterrorism. Institutions dealing with sensitive research must remain hypervigilant.
SIEMs Under Scrutiny as Costs Soar and Alerts Go Ignored
New data shows SIEM (Security Information and Event Management) solutions are costing enterprises millions with little return—74% of alerts are ignored, and average annual spend has ballooned to $5.3 million. The report challenges the value of legacy security alerting tools and points toward more efficient detection models.
ServiceNow and XM Cyber Introduce Risk Graphing Integration
ServiceNow is teaming up with XM Cyber to integrate attack path modeling into risk management workflows. This fourth dimension of risk visibility allows security teams to prioritize exposures based on how attackers could move laterally through systems. It marks a shift toward a more attacker-centric defense posture.