Top Tech News September 18, 2025: AI in Notepad, Chrome Zero-Days, Huawei Chips, Cyber Threats

```html Top Tech Headlines for September 18, 2025

Top Tech Headlines for September 18, 2025

Happy Thursday, tech fans! From rogue hackers and zero-days to AI-powered Notepad and new chip launches, today's news roundup has it all. Let’s break down the biggest cybersecurity and tech stories shaping your digital world.

UK Nabs ‘Scattered Spider’ Teens Behind London Transport Cyberattack

Authorities in the UK have arrested two teenagers suspected of being part of the hacking group "Scattered Spider." They're thought to be behind the August 2024 attack on Transport for London’s infrastructure. The arrests spotlight the growing global crackdown on young cybercriminals targeting public services.

SystemBC Malware Hijacking VPS Servers for Malicious Proxy Activity

A fresh report uncovers that the SystemBC botnet is compromising commercial VPS (Virtual Private Servers) to funnel cyberattack traffic. With 1,500 infected bots running daily, it’s another reminder that hosting solutions aren't immune from exploitation if left unpatched or misconfigured.

Microsoft 365: Powerful But Risky, Says Security Experts

Popular for its seamless integration, Microsoft 365 is increasingly viewed as a major attack surface. Acronis warns that backup blind spots and lateral movement pathways make it a high-value target for cybercriminals. Proper backup and segmentation strategies are more crucial than ever.

AI Comes to Notepad on Windows 11 Copilot+ PCs

Microsoft is rolling out AI writing features in Notepad—for free—on Copilot+ enabled Windows 11 machines. From generating summaries to suggesting grammar tweaks, Notepad just got way smarter. It's a small but significant step towards AI-powered productivity for everyday users.

PyPI Revokes Tokens Stolen in GhostAction Supply Chain Attack

The Python Software Foundation invalidated all compromised PyPI tokens after the GhostAction breach earlier this month. Thankfully, no malware was distributed using the stolen credentials—but it underscores how vital secure token management is for software repositories.

WatchGuard Alerts Users to Critical Firebox Firewall Vulnerability

Users of Firebox appliances take note: WatchGuard has released a patch for a critical remote code execution flaw. If exploited, this could let attackers seize control of firewall devices. Immediate updates are recommended to close the gap.

Google Fixes Sixth Chrome Zero-Day Exploit of the Year

Chrome users, update ASAP—Google has patched another actively exploited zero-day vulnerability (CVE-2025-10585) involving its V8 JavaScript engine. It’s the sixth zero-day patched this year, revealing increased targeting of browser-based exploits. Don’t delay those browser restarts!

Huawei’s New Ascend Chips to Power Next-Level AI SuperClusters

Huawei has unveiled its next-gen Ascend chipsets, geared to roll out in 2026 and power some of the most powerful AI superclusters globally. Announced at Huawei Connect 2025, the chips will drive innovation in enterprise-level AI compute environments.

Data Breach Hits SonicWall Cloud Backups, Triggers Password Reset

SonicWall is urging customers to reset passwords after a breach exposed backup files of under 5% of cloud users. While firewall exploitation hasn’t been reported, the incident highlights ongoing risks to data integrity in hybrid infrastructure.

CountLoader Expands Russian Ransomware Arsenal

Cybersecurity pros are sounding alarms on CountLoader malware, which is helping Russian ransomware gangs spread tools like Cobalt Strike and remote access trojans. Delivered via phishing, it’s part of a broader campaign targeting Ukraine and beyond.

SilentSync RAT Found in Malicious PyPI Packages

Zscaler researchers report that the SilentSync RAT—a stealthy remote access trojan—was hidden in two recent Python packages on PyPI. These packages could compromise systems across multiple OS platforms and steal sensitive browser session data.

AI Governance: CISOs Urged to Take Charge

As AI adoption accelerates, security leaders (CISOs) are being encouraged to develop “living governance” models that evolve with deployment. Shadow AI and unsupervised tools pose some of the biggest risks, making structured oversight a high priority.

Chrome’s JavaScript Engine Under Fire in Another Zero-Day Flaw

On top of Google's latest patch, exploit CVE-2025-10585 was tied to the V8 engine—once again placing JavaScript parsing in the security spotlight. Attackers are leveraging this bug in real-time, impacting millions worldwide. Ensure auto-updates are enabled and functioning.

Silence Isn’t Safety: Why Brand Transparency Matters

In an era of constant breaches and AI disruption, marketing expert Sarah Moloney says it’s time brands ditched PR silence and leaned into transparency. Fast, honest communication builds trust far better than retreating behind vague announcements.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.

```
, , ,

RELATED ARTICLES
Top Cybersecurity and Tech News You Need to Know – September 25, 2025
Top Tech and Cybersecurity News for September 24, 2025: OpenAI GPT-5, Supermicro Flaws, Ransomware Attacks, and More
Cybersecurity Breaches, DDoS Records, and App Updates: Top Tech News for September 23, 2025
Cyber Chaos and AI Risks: 20 Must-Know Security Headlines from September 22, 2025
Microsoft Entra ID Hack Risk and North Korean Crypto Malware: Top Tech Alerts for September 21, 2025
AI Malware, Crypto Seizures, and Zero-Click Attacks: Top Cybersecurity News for September 20, 2025
AI Upgrades, Cyber Threats, and the Future of Tech – Top Headlines for September 19, 2025
Cybersecurity Chaos: Top Breaches, AI Threats, and Software Warnings for September 17, 2025