Top Tech & Cybersecurity News You Need to Know – September 5, 2025

```html Top Tech Headlines for September 05, 2025 | BootableUSBs

Top Tech Headlines for September 05, 2025

Today’s news is packed with big updates in cybersecurity and IT. From mandatory MFA and data breaches to massive fines and cutting-edge automation, we’ve got you covered with the day’s top tech stories. Let’s dive in and break it all down.

Microsoft Now Requires MFA for Azure Portal Users

Since March 2025, Microsoft has enforced multifactor authentication (MFA) for signing into the Azure Portal across all tenants. This move is designed to strengthen security and reduce the likelihood of compromised credentials in cloud environments. If your organization uses Azure, ensure users are ready and MFA processes are streamlined.

EU Hits Google with $3.5 Billion Fine for Adtech Monopoly

The European Commission fined Google €2.95 billion (about $3.5 billion) over anti-competitive practices in digital advertising. Regulators claim Google favored its own ad technologies over competing services, stifling market competition. This continues the EU’s trend of cracking down on Big Tech’s market dominance.

Wealthsimple Confirms Data Breach

Canadian fintech firm Wealthsimple disclosed a data breach that exposed customer information. The company hasn't revealed how many individuals were affected or exactly what data was compromised. If you're a user, monitor your financial statements and consider resetting your account credentials.

Critical Argo CD API Flaw Exposes Repository Credentials

A high-severity vulnerability in Argo CD allows even low-privilege API tokens to access and exfiltrate repository credentials. Organizations utilizing Argo CD in CI/CD pipelines should patch immediately and rotate exposed credentials. This is a serious flaw in infrastructure-as-code environments.

Microsoft Offers Free Microsoft 365 for U.S. College Students

Students in the U.S. can now get a free one-year subscription to Microsoft 365 Personal, starting this week. The initiative aims to support students with access to professional tools like Word, Excel, and OneDrive. If you're a student, don’t miss the opportunity to enhance your productivity without paying a dime.

Legacy IGA Slows You Down — Modern Systems Are Smarter

Sticking with outdated Identity Governance & Administration (IGA) tools can be a roadblock to compliance and efficiency. Modern solutions are faster, more secure, and easier to integrate, with built-in compliance features and automated workflows. It may be time for an upgrade if your IGA system is still code-heavy and clunky.

SAP S/4HANA Exploit Now Active in the Wild

Security researchers warn that CVE-2025-42957, a near-critical SAP S/4HANA vulnerability (CVSS 9.9), is being actively exploited. The flaw enables attackers to execute arbitrary code and gain full control of the targeted system. Businesses using SAP should apply patches immediately to prevent breaches.

UK AI Investment Soars to £2.9B, Outpacing the Economy

The UK’s AI sector has experienced staggering growth—expanding 150 times faster than the rest of the economy—thanks to a record £2.9 billion in investment. Government and private sector momentum are fueling innovation across industries. It’s a high point for the AI scene in Europe and suggests rapid advancement ahead.

CISA Urges Emergency Patching of Sitecore Vulnerability

CISA has issued a warning for CVE-2025-53690 in Sitecore, a critical 9.0 severity flaw that's been exploited in the wild since December 2024. The vulnerability allows for remote code execution and potential data theft. Organizations running Sitecore CMS should deploy patches without delay.

CastleRAT Malware Expands via GitHub & Phishing

TAG-150 has developed CastleRAT in Python and C to deploy malware via phishing emails and GitHub-hosted payloads. These campaigns target sensitive data and have been active since March. Security teams should increase monitoring of incoming emails and GitHub access logs.

Pentesting Gets an Upgrade with Automation

Automation is transforming the way penetration testing is delivered. Instead of static reports, real-time workflows now offer faster remediation and reduced mean time to resolution (MTTR). This shift improves both security posture and internal response times.

Phishing via SVG Files Dodges Antivirus

VirusTotal researchers discovered 523 malicious SVG files being used in phishing campaigns—44 of which had zero AV detection. These files conceal Base64-encoded content and are capable of delivering malware like AMOS to macOS users. It’s a reminder that even vector graphics aren’t always innocent.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.

```
, , ,

RELATED ARTICLES
Tech News Roundup: Apple Privacy Changes, FTC Data Concerns, Tesla Hack & AI Voice Cloning
Tech News Today: Android 15, Intel 2nm Chips, Windows Exploit Fix & More – Oct 3, 2025
Apple, Google, and OpenAI Lead Major Tech and Security Updates – October 2, 2025
iOS Zero-Days, AI Laws & Data Breaches: Top Cybersecurity News for October 1, 2025
Urgent Tech Alerts: Zero-Day Threats, Windows Patch, and Linux Upgrades – Sept 30, 2025
Top Tech and Cybersecurity News for September 29, 2025: Ransomware Surge, Secure Boot, and AI Updates
Top Tech News September 28, 2025: Chrome Zero-Day, Ubuntu 25.10 Beta, Windows 12 AI Copilot & More
Tech News Today: Windows 11 Patch, AI Lawsuits, Major Data Breach & Linux Upgrades