Top Tech Headlines for September 21, 2025

Today’s roundup brings some major tech alerts you need to know about: A massive Microsoft security flaw that could’ve given attackers full access to corporate networks, and new North Korean malware targeting crypto pros with clever social engineering. Let’s break them down.

Microsoft Entra ID Flaw Could Have Let Hackers Hijack Any Company

A critical vulnerability in Microsoft Entra ID (formerly Azure Active Directory) could have let attackers take over any organization’s tenant. This flaw, stemming from legacy components in the system, had the potential to expose internal infrastructure across global enterprises.

Microsoft has since patched the issue, but the incident highlights the urgent need for robust identity management and up-to-date cloud security practices. If your organization uses Microsoft's cloud ecosystem, it's a good time to review your security posture.

DPRK Hackers Target Crypto Workers with BeaverTail Malware via ClickFix

North Korean state-sponsored hackers have a new trick up their sleeve. According to security researchers, DPRK actors are using a platform called ClickFix to distribute malware known as BeaverTail, targeting cryptocurrency marketing professionals through fake job lures.

The attack method includes password-protected archives on Windows—a shift from previous patterns that suggests increased focus on avoiding detection. If you’re active in crypto or tech hiring, beware of unexpected emails and attachments from unfamiliar sources.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.