Cybersecurity Chaos, Data Leaks, and AI Breakthroughs: Top Tech News for September 4, 2025

```html Top Tech Headlines for September 4, 2025

Top Tech Headlines for September 4, 2025

From massive data breaches to advanced AI launches and zero-day router vulnerabilities, the tech world was buzzing today. Whether you're a dev, IT pro, or just trying to stay protected online — here's everything you need to know.

Hackers Exploit Sitecore Zero-Day to Drop Stealthy Malware

Legacy Sitecore systems are being targeted via a newly discovered zero-day exploit. Attackers are using it to deploy WeepSteel, a reconnaissance backdoor designed to silently observe and gather data from compromised servers. Organizations still running older Sitecore versions should patch or segment vulnerable infrastructure immediately.

Texas Sues PowerSchool After Breach Hits 62 Million Students

A December 2024 breach at education tech firm PowerSchool exposed data on 62 million students, including 880,000 in Texas. Now, the state's Attorney General is suing, citing poor data governance and massive privacy failures. If you’ve ever used PowerSchool, it might be time to monitor your identity protection tools.

Chess.com Breach Linked to Third-Party File Transfer Tool

Chess.com confirmed user data was exposed through a compromised file transfer app. While details remain sparse, attackers leveraged unauthorized access to pull sensitive information. This underscores the ongoing risks posed by third-party tools in the supply chain.

TP-Link Zero-Day Confirmed — CISA Flags Active Exploits

TP-Link has acknowledged an unpatched zero-day flaw in multiple router models. CISA also flagged two other known vulnerabilities, CVE-2023-50224 and CVE-2025-9377, urging users to take action before September 24. If you’re running TP-Link gear at home or work, now’s the time to check for firmware updates or segment networks.

Google Fined $379 Million for Cookie Consent Violations in France

Google's ad practices again came under fire in Europe. France’s data watchdog CNIL fined the search giant $379 million for inserting ads into Gmail conversations without appropriate cookie consent. This brings regulatory fines for privacy violations sharply into focus — and signals tighter enforcement ahead.

Browser Attacks Take the Cybersecurity Spotlight in 2025

Push Security revealed six major browser-based attack types rising in prevalence this year. From phishing kits to rogue extensions and abused OAuth permissions, browsers are now a primary attack vector. Swapping browser habits or deploying endpoint tools could limit exposure.

Bridgestone Confirms Cyberattack on Manufacturing Systems

Tire giant Bridgestone is the latest industrial target. A cyberattack has affected some of its North American manufacturing operations. While specifics are scarce, downtime in production may ripple across automotive supply chains.

Microsoft August Update Triggers App Install Issues

August’s Windows security updates have caused widespread headaches for non-admin users. Unexpected UAC prompts are preventing routine app installs, prompting enterprise IT teams to seek workarounds. Microsoft is investigating a fix — but in the meantime, admin installs may be your only workaround.

Singtel and Tencent Launch 5G Cloud Gaming with Network Slicing

Singtel and Tencent have teamed up to unlock 5G potential for cloud gaming via network slicing technology. This innovation divides network bandwidth into virtual lanes for latency-free gameplay. Gamers in Asia could be looking at smoother, faster mobile gaming experiences — and a glimpse of next-gen internet infrastructure.

AI Coding Tools Speed Development — But Add Security Risks

AI tools that help developers write code are boosting productivity — but introduce vulnerabilities. New research shows insecure code written via AI assistants is making its way into production, increasing the attack surface for businesses. Organizations need to balance speed with rigorous testing and secure coding practices.

Google Boosts Android Dev Toolkit with Smarter UIs and AI

Google rolled out updates to help Android developers build more adaptive, responsive interfaces — all while leveraging AI suggestions for faster builds. These enhancements could make Android development smoother for both new and seasoned teams. Expect easier layout testing and AI-fueled creativity via Jetpack and Firebase.

Switzerland Releases Fully Open AI Model "Apertus"

Apertus, a 100% open AI model, has just dropped courtesy of Swiss researchers. Unlike proprietary models, this one includes full access to training data, design specs, and source code. Developers and academics finally have a transparent alternative to closed LLMs.

CrateDB Pushes AI Data Infrastructure from Minutes to Milliseconds

CrateDB’s latest performance leap enables near real-time AI processing. By focusing on scalable, multimodal data ingestion, the company aims to power tomorrow’s industrial AI platforms. It's a sign that database architecture is evolving quickly to meet AI's demands.

The EU’s Vision for Ethical, Open AI

The Open Data Institute’s Resham Kotecha says Europe can lead in AI by combining strong rights protections with open source principles. Rather than prioritizing speed alone, the EU might dominate AI through trust and transparency. With models like Apertus gaining traction, she's likely not wrong.

Russian APT28 Targets NATO Firms with "NotDoor" via OneDrive

The notorious APT28 hacking group used a OneDrive DLL sideloading technique to deploy the NotDoor backdoor in Outlook. This espionage tool enabled covert email data theft, primarily targeting NATO-affiliated organizations. Email security is no longer optional — it's mission-critical.

GhostRedirector Malware Hijacks 65 Windows Servers

GhostRedirector is a combo malware campaign using the Rungan backdoor and Gamshen IIS module. It’s hijacked at least 65 Windows servers to run SEO fraud schemes, redirecting unsuspecting users to malicious ads. If you're running public-facing IIS, now is the time for a thorough security audit.

Malware Spread Through Exploited Grok AI on X

Cybercriminals are leveraging X’s Grok AI to bypass ad filters and deliver malware through disguised links. Millions of users were exposed to malicious content promoted via seemingly legitimate ads. This exploit puts both AI moderation and ad platforms under the microscope.

Simple Security Wins: Block Unknown Apps, Enforce MFA

Sometimes, security success is in the basics. Experts recommend blocking unknown applications and enforcing multi-factor authentication (MFA) across endpoints to dramatically reduce ransomware risk. Simple steps still go a long way in battle-hardened environments.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.

```
, , ,

RELATED ARTICLES
Tech News Roundup: Apple Privacy Changes, FTC Data Concerns, Tesla Hack & AI Voice Cloning
Tech News Today: Android 15, Intel 2nm Chips, Windows Exploit Fix & More – Oct 3, 2025
Apple, Google, and OpenAI Lead Major Tech and Security Updates – October 2, 2025
iOS Zero-Days, AI Laws & Data Breaches: Top Cybersecurity News for October 1, 2025
Urgent Tech Alerts: Zero-Day Threats, Windows Patch, and Linux Upgrades – Sept 30, 2025
Top Tech and Cybersecurity News for September 29, 2025: Ransomware Surge, Secure Boot, and AI Updates
Top Tech News September 28, 2025: Chrome Zero-Day, Ubuntu 25.10 Beta, Windows 12 AI Copilot & More
Tech News Today: Windows 11 Patch, AI Lawsuits, Major Data Breach & Linux Upgrades