Top Tech Headlines – September 24, 2025
From AI leaps and privacy nightmares to zero-day exploits and massive law enforcement wins, today’s tech landscape is nothing short of electrifying. Here’s your September 24, 2025 tech and cybersecurity roundup – all organized and USB-boot-ready.
🚨 Supermicro Firmware Flaws Could Enable Persistent Server Backdoors
Two newly disclosed vulnerabilities in Supermicro’s Baseboard Management Controller (BMC) firmware could allow attackers to flash malicious firmware images and maintain stealthy, persistent access. These flaws impact out-of-band management and may let attackers bypass typical security barriers. If you run Supermicro-based infrastructure, patching is strongly advised.
🤖 OpenAI Internally Testing "GPT-Alpha" – A GPT-5 Based Agent
OpenAI is quietly testing a next-generation AI model dubbed "GPT-Alpha," based on GPT-5. Though details are scarce, sources suggest it's being developed with a new class of AI agents in mind. Expect smart assistants to get a whole lot smarter.
🔧 Kali Linux 2025.3 Drops: 10 New Tools and Wi-Fi Upgrades
The latest Kali Linux release, version 2025.3, is packed with ten new tools, improved Nexmon support for advanced Wi-Fi testing, and enhancements to NetHunter. Whether you're pen testing or hardening your systems, it's a must-download for cybersecurity pros.
⚠️ Cisco Warns of Zero-Day Exploited in the Wild on IOS Software
A serious zero-day vulnerability in Cisco IOS and IOS XE is under active exploitation. Cisco has pushed urgent patches, and users should update affected systems immediately. The flaw enables remote code execution, underscoring the importance of regular firmware updates.
📱 OnePlus Flaw Lets Rogue Apps Access and Send SMS Messages
An unpatched OxygenOS vulnerability could allow any app on a OnePlus device to read and send SMS messages—without user consent. This kind of flaw opens the door to targeted phishing scams and surveillance. OnePlus has yet to issue a fix.
🌍 $439 Million Seized from Global Cybercrime Rings
Interpol and global law enforcement agencies have recovered $439 million from worldwide cybercrime rings in a massive five-month sting. The takedown impacted thousands of victims and involved both cash and crypto. It’s a much-needed win in the fight against cyber-enabled financial fraud.
🕵️‍♂️ Obscura: A New Ransomware Spreads via Domain Controllers
A previously unknown ransomware variant, dubbed Obscura, has been spreading laterally from infected domain controllers. Analysts say it's highly evasive and targets enterprise environments. If you're in IT or security, now’s the time to review your backup and recovery plans.
🧱 Brickstorm Malware Found in Long-Term Attacks on U.S. Orgs
Google has linked a sophisticated malware campaign, known as Brickstorm, to suspected Chinese threat actors targeting U.S. legal and technology firms. The campaign ran for over a year, enabling stealthy access and data theft. The attack highlights the growing threat of state-sponsored cyberespionage.
✈️ RTX Ransomware Disrupts Airports; UK Suspect Arrested
The UK's National Crime Agency has arrested a suspect linked to the RTX ransomware campaign, which has disrupted air traffic across European airports. The arrest is a big step forward, but the effects of the attacks continue to ripple through travel sectors.
🐍 PyPI Users Warned to Reset Credentials After Phishing Blitz
The Python Software Foundation urges all developers to reset their PyPI credentials after phishing attacks used a fake PyPI site to hijack accounts. If you're a package maintainer, enable 2FA and check for suspicious activity.
💸 GitHub Notifications Abused in Crypto Phishing Campaign
Threat actors spoofed GitHub's notification system, impersonating Y Combinator to deliver cryptocurrency-stealing malware. The campaign targeted developers with fake project invites. Stay extra cautious with unsolicited GitHub invitations, especially if they seem too good to be true.
🛍️ Generative AI Booms in Retail – But So Do Security Risks
Retailers are racing to adopt generative AI, but a new report shows they’re exposing themselves to data leaks, compliance risks, and attack vectors. Cybersecurity and governance are lagging behind innovation, raising red flags for customer privacy and corporate IP.
💾 OpenAI & Nvidia Plan $100B AI Chip Partnership
OpenAI and Nvidia are reportedly planning a $100 billion chip deal to power future AI developments. The agreement would give OpenAI access to next-gen silicon and Nvidia a stake in the AGI race. It’s a monumental move toward AI-wide infrastructure scaling.
🧠 GitLab Unveils AI Agents and Knowledge Graph
GitLab has released new features including customizable AI agents and a Knowledge Graph integration. This upgrade expands their platform into an intelligent development hub, signaling the rise of AI-driven DevOps.
⚠️ Governance Challenges in Agentic AI Explained
A featured report warns that as AI agents gain autonomy, accountability gaps get wider. Without proper oversight, these systems could lead to exposure risks and legal uncertainties. Organizations are urged to tread carefully while leveraging AI agents in the wild.
👨‍💻 Chinese Hackers RedNovember Use Pantegana, Cobalt Strike
RedNovember, a Chinese state-backed APT group, has been using advanced tools like Pantegana and Cobalt Strike to infiltrate government and private-sector targets. Their technique involves lateral movement and long-term persistence—hallmarks of sophisticated threats.
🔓 Wondershare RepairIt Plagued with Critical Flaws
Security researchers found two serious vulnerabilities in Wondershare RepairIt that could lead to AI model exposure and user data theft. These SaaS threats also highlight the risks of weak supply chain security.
💥 Poor Password Security Led to Collapse of 158-Year-Old Business
Akira ransomware facilitated the shutdown of KNP Logistics, a 158-year-old British company, after attackers exploited a weak password. The attackers demanded a £5M ransom, and the collapse cost 700 jobs. It’s a tough lesson in modern cybersecurity hygiene.
👿 New YiBackdoor Malware Shares Traits with Known Threats
YiBackdoor malware has been spotted in the wild, with code overlap found in both IcedID and Latrodectus. Meanwhile, ZLoader evolves with new communication features, making detection harder. Malware families continue to blend and mutate in evasive ways.
💳 Iframe Security Weakness Aids Skimmer Attacks
A new Stripe iframe skimmer attack exploited a browser blind spot, compromising 49 online merchants and stealing card details. The incident is steering regulatory updates in PCI DSS 4.0.1 and raising awareness around iframe vulnerabilities in e-commerce.
🛡️ Pandoc Exploit Targeting AWS EC2 IAM Credentials
Wiz researchers spotted hackers using Pandoc’s SSRF vulnerability (CVE-2025-51591) to access AWS Instance Metadata Service and steal credentials. Organizations relying on Pandoc are urged to adopt IMDSv2 and patch immediately.
📧 Libraesva ESG Vulnerability Exploited by State Hackers
State-sponsored attackers have been exploiting CVE-2025-59689 in the Libraesva Email Security Gateway. The bug allows remote code execution, prompting the vendor to release critical patches. Email gateways continue to be high-value targets for sophisticated threat actors.