Top Cybersecurity and Tech News You Need to Know – September 25, 2025

Top Tech Headlines for September 25, 2025 | BootableUSBs.com

It’s been a big day in cybersecurity and tech! From Cisco emergency patches and stolen crypto wallets to Amazon’s massive settlement and advances in AI, here are today’s most important updates.

Malicious npm Package Stole User Emails

A counterfeit npm package impersonating Postmark’s “postmark-mcp” project was uncovered stealing user email content via a single malicious line of code. The package quietly exfiltrated communication from unsuspecting developers, proving how subtle—and dangerous—supply chain attacks can be.

Key takeaway: Always verify open-source packages before use, and isolate critical development environments where possible.

Co-op Reports $107 Million Loss from Scattered Spider Breach

The UK’s Co-operative Group disclosed a staggering £80 million ($107 million) hit to its bottom line due to the cyberattack carried out by Scattered Spider earlier this year. The attackers disrupted operations and caused financial chaos.

Key takeaway: Breaches don’t just affect data—they can deeply affect your finances. Invest in cybersecurity hygiene.

Cisco Firewalls Under Active Attack – Patch Immediately

Cisco and CISA have issued urgent advisories regarding multiple zero-day vulnerabilities—CVE-2025-20333 and CVE-2025-20362—affecting Cisco ASA firewalls. These flaws are already being exploited, prompting CISA to direct federal agencies to apply emergency patches via Directive ED 25-03.

Key takeaway: If you’re running Cisco ASA devices, even at home, patch today to close these attack vectors, including remote code execution.

Amazon Settles for $2.5 Billion Over Prime “Dark Patterns”

The FTC has reached a $2.5 billion agreement with Amazon over allegations it used deceptive design tactics to nudge users into Prime subscriptions—and made cancellations frustratingly complex. It’s one of the largest tech settlements in recent history.

Key takeaway: Expect increasing regulatory scrutiny on subscription models and user interface practices.

Rust Repository Hit by Crypto-Stealing Malware

Two malicious packages on crates.io were found scanning developer systems for private keys from Solana and Ethereum wallets. Downloaded over 8,400 times collectively, they underline a growing risk to Web3 developers using popular programming languages.

Key takeaway: As tools shift to open-source, so do scams. Always audit dependencies and use secure dev environments.

How Secure Are Passkeys?

As the world pivots away from passwords, attention is turning to passkeys: cryptographic logins offering phishing resistance and simplified access. Though full adoption takes time, passkeys are proving more secure and cost-effective than traditional methods.

Key takeaway: It's time to start embracing passkeys for stronger identity protection and fewer password resets.

Teen Behind Vegas Cyberattacks Released to Parents

A 17-year-old allegedly involved in major 2023 cyberattacks targeting Las Vegas casinos has been released to parental custody. While the legal process unfolds, the case underscores how cybercrime increasingly involves younger perpetrators.

Key takeaway: Security education—and early parental guidance—has never been more important.

Windows 10 Extended Security Updates Go Free in Europe

Microsoft will offer free Extended Security Updates (ESUs) for Windows 10 users in the European Economic Area. As Windows 10 nears end-of-life globally, this move is seen as a regulatory response to the EU’s Digital Markets Act (DMA) requirements.

Key takeaway: For EU users, that’s great news. Everyone else should prep to transition off Windows 10 or plan their update strategy.

Samsung Measures AI in Real Workplaces

Samsung is challenging traditional benchmarks by evaluating AI model productivity in real-world enterprise settings. The initiative aims to understand how AI tools actually improve workflows—not just theoretical performance metrics.

Key takeaway: Watch for more meaningful AI evaluations, especially in the workplace tech stack.

Apple Says EU DMA Compromises iPhone Security

Apple has warned that the EU’s Digital Markets Act (DMA) could delay iOS features and introduce new security risks. The company cited concerns about third-party app store requirements and other mandates affecting platform integrity.

Key takeaway: Your iPhone in Europe may work a bit differently soon—and possibly be less secure by Apple’s standards.

Tether Eyes Massive $20B Raise, Could Hit $500B Valuation

Tether, the operator behind the world’s largest stablecoin, is looking to raise $20 billion—potentially pushing its valuation to half a trillion dollars. That would make it a private-sector heavyweight alongside SpaceX and OpenAI.

Key takeaway: Stablecoins aren’t just about crypto—they’re major financial engines now.

Qualcomm: 6G Will Power AI from Edge to Cloud

Qualcomm is betting on 6G to serve as the backbone for real-time AI computation between edge devices and the cloud. This vision ties together fast connectivity with distributed AI processing for smarter everything—from phones to cars.

Key takeaway: 6G isn’t just faster internet—it’s the future link of the AI economy.

Google Launches Agent Payments Protocol (AP2) to Secure AI Transactions

Google Cloud and 60+ industry partners launched AP2—a protocol designed to secure and monitor AI-driven payments. It ensures trust, transparency, and accountability in how digital agents process financial transactions.

Key takeaway: With AI making more business decisions, tamper-proof digital payment protocols are essential.

Huawei’s AI SuperPods Simulate Unified Brain

Huawei unveiled new AI hardware designed to make thousands of processors function as a single, cohesive unit. The company’s SuperPod strategy, alongside open-source contributions, could reshape the future of AI supercomputing.

Key takeaway: China’s playing serious ball in AI infrastructure—and open standards may help them lead.

Vane Viper Generates 1 Trillion DNS Queries for Global Malware Fraud

The Vane Viper botnet has coordinated over 1 trillion DNS queries using 60,000 domains to fuel a wide-reaching malware and ad fraud operation. The scale of the attack showcases the evolving brute force of cybercrime networks.

Key takeaway: DNS abuse at this level makes strong DNS filtering essential for enterprise defense.

Salesforce Patches Critical AI Prompt Injection Bug

Salesforce quickly patched a prompt injection flaw called “ForcedLeak” within Agentforce AI, which exposed sensitive CRM data. The vulnerability highlights emerging risks around integrating AI with trusted business data sources.

Key takeaway: Prompt injection isn't just a novelty—it's a serious data leakage risk in smart platforms.

North Korean Hackers Target Crypto Devs with AkdoorTea Backdoor

A new campaign tied to North Korea’s threat actors is deploying malware like AkdoorTea against global crypto developers. Disguised as job interviews and dev tools, the attack aims to harvest wallet data and infiltrate projects.

Key takeaway: Devs in Web3 or finance need to treat email and downloadable tools with extreme caution.

CTEM Proves Most Vulnerabilities Aren't Critical

A new study using Continuous Threat Exposure Management (CTEM) shows that fewer than 10% of vulnerabilities actually pose serious risk. The approach focuses on context, exploitability, and validation rather than raw CVE counts.

Key takeaway: Smart prioritization beats patching frenzy. It’s time to patch what matters most.

Tech Becomes Most Targeted Sector for DDoS Attacks

Tech companies have overtaken gaming as the #1 target for DDoS attacks, according to Gcore Radar. A record 1.17 million DDoS events were logged this year, with peak attack bandwidth reaching a massive 2.2 Tbps.
