Top Tech Headlines for September 2, 2025
Welcome to your daily tech recap! Today’s cybersecurity news serves up plenty of data breach drama, record-breaking DDoS attacks, and scary-smart malware. Whether you're an IT pro or just want to stay secure in this ever-connected world, these are stories worth your attention.
Cloudflare Caught in Salesloft Drift Supply Chain Breach
Cloudflare has confirmed it was impacted by the ongoing Salesloft Drift supply chain attack. This incident highlights the ripple effects of third-party security weaknesses, as attackers leveraged access tokens to compromise downstream companies.
Cloudflare Deflects Largest-Ever DDoS Attack — 11.5 Tbps
In some good news, Cloudflare also announced it successfully mitigated the largest volumetric DDoS attack ever recorded, peaking at 11.5 terabits per second. The attack was automatically blocked with existing defenses, showcasing the critical importance of strong network resilience.
No, Google Didn't Tell 2.5 Billion Gmail Users to Reset Passwords
Despite rumors spreading online, Google has not issued a mass password reset alert for all Gmail users. The tech giant clarified that these claims are inaccurate, although some Workspace accounts may have been affected by separate, isolated incidents.
Jaguar Land Rover Hit by Major Cyberattack
Jaguar Land Rover reported that a cyberattack has “severely disrupted” operations, forcing parts of their systems offline. Details remain limited, but it’s yet another reminder that even major manufacturers are vulnerable to digital threats.
Ransomware Attack Causes PA Attorney General’s Office Outage
The Pennsylvania AG's office confirmed a ransomware attack is to blame for a two-week-long service disruption. Authorities are now working to restore systems and investigate the breach’s origin.
Palo Alto Networks Breach Tied to Supply Chain Attack
Palo Alto Networks became another casualty in the Salesloft Drift supply chain breach. The attackers compromised OAuth tokens to access customer support data and Salesforce instances.
Microsoft Offers Free Copilot AI to US Government Workers
Millions of U.S. federal employees will soon receive Microsoft’s Copilot AI assistant free of charge. It's a major push to integrate AI into public sector workflows—though it brings its own set of data governance questions.
Lazarus Group Adds Three New Malware Tools
North Korea's Lazarus Group continues to evolve, deploying new malware strains—PondRAT, ThemeForestRAT, and RemotePE—during a DeFi attack earlier this year. These tools likely exploit zero-days in Chrome for initial access.
MystRodX Backdoor Uses DNS and ICMP to Stealthily Control Systems
Researchers uncovered MystRodX, a backdoor that uses DNS and ICMP triggers to avoid detection. Active since early 2024, it communicates stealthily and deploys encrypted payloads—making it especially tricky for traditional defenses to catch.
Shadow AI: Companies Warned of Unmanaged Employee AI Use
Studies reveal that 90% of employees regularly use generative AI tools without IT oversight. Known as “Shadow AI,” this trend can lead to unforeseen data privacy and compliance risks within enterprises.
Ukrainian Network FDN3 Launches Brute-Force Assault on Remote Devices
Security researchers have attributed a wave of brute-force attacks targeting VPN and RDP services to FDN3, a Ukrainian-linked botnet. These attacks were traced to bulletproof hosting in Seychelles, linked to ransomware distribution.
Silver Fox Abuses Microsoft Driver to Deploy ValleyRAT
Silver Fox, a newer APT group, successfully exploited a Microsoft-signed WatchDog driver to run ValleyRAT malware and commit fraud. The attack highlights a disturbing trend of using legitimate software to bypass security layers.
Malicious npm Package Imitates Nodemailer to Steal Crypto Wallets
A malicious npm package named nodejs-smtp was discovered mimicking Nodemailer while targeting users of Atomic and Exodus crypto wallets. With only 347 downloads since April 2025, the impact is limited — but the technique is concerning for open-source developers.
Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.
```