Top Tech Headlines for September 12, 2025

If you're into cybersecurity, cloud tech, or just want to stay one step ahead of the hackers, today's stories are must-reads. We've got alarming ransomware developments, zero-day exploits, upcoming OS support deadlines, and more. Let’s break down the biggest headlines of the day.

HybridPetya Ransomware Bypasses UEFI Secure Boot

A new ransomware variant dubbed HybridPetya is making waves for its ability to bypass UEFI Secure Boot using the exploit CVE-2024-7344. It installs a malicious app on the EFI System Partition and encrypts NTFS Master File Tables, asking for a $1,000 Bitcoin ransom. This highlights the growing sophistication of firmware-level malware.

CISA Issues Alert for Critical Dassault CVE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged active exploitation of CVE-2025-5086 in Dassault Systèmes’ DELMIA Apriso, a manufacturing platform. Federal agencies are required to patch by October 2, 2025. Remote code execution vulnerabilities in supply chain software remain a top national security threat.

Windows 11 23H2 Reaches End of Support in Just 60 Days

Microsoft has officially reminded users that Windows 11 23H2 Home and Pro editions will stop receiving updates in November 2025. That means only 60 days are left to upgrade in order to remain secure and supported. Don't wait—unsupported systems are prime targets for exploits.

Cyberattack Survival: Three Things You’ll Need Immediately

According to Acronis TRU, when cyberattacks strike, the difference between a recovery and a disaster comes down to three things: clarity, control, and a reliable lifeline. These essentials help IT teams quickly assess, contain, and bounce back from incidents. Preparation is half the battle—sometimes it's everything.

Memphis Man Gets 57 Months in Prison for Movie Leak Scheme

A Memphis-based employee of a DVD/Blu-ray distributor has been sentenced to over 4 years in federal prison for stealing and selling unreleased digital movies. The case underscores the ongoing risk of insider threats to digital copyright and entertainment companies.

Samsung Patches Critical Android Zero-Days

Samsung has issued patches for a remote code execution flaw (CVE-2025-21043) actively exploited in Android devices, reportedly discovered through WhatsApp. This zero-day exploit allowed attackers to run arbitrary code, emphasizing the importance of prompt mobile updates. Samsung users should install the latest security updates immediately.

Apple Warns of Fourth Spyware Campaign in France

Apple has sent out its fourth spyware alert of 2025 to French users, with confirmation from CERT-FR. The attacks reportedly target high-risk users, such as journalists and political figures. iOS users in France are urged to double-check device integrity and update promptly.

Cursor AI Editor Flaw Allows Silent Code Injection

A flaw in the Cursor AI code editor exposes users to silent code execution through malicious repositories. Workspace Trust is disabled by default, leaving the door open for stealthy exploits. Developers using Cursor should urgently enable Workspace Trust or consider alternative tools.

Runtime Visibility: The New Pillar of Cloud Security

2025 has seen a surge in cloud-native breaches, forcing companies to prioritize runtime visibility in their security stack. According to experts, improved runtime logging reduces false positives and accelerates AI-driven threat detection. It’s a best practice now, not a luxury.

Nella Digital’s Social Strategy Gets a Boost from Cloud Campaign

A new case study reveals how Nella Digital Group streamlined social content creation for health and wellness clients using Cloud Campaign. The platform helped improve productivity, collaborative workflows, and content delivery across multiple accounts. A solid reminder that the right tech tools matter—even outside of cybersecurity.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.