From record-breaking DDoS attacks and SVG-based phishing to zero-day exploits and AI-powered trade secret drama — this week’s threat landscape had something for everyone (except peace of mind).

🔍 Russian APTs were intercepted mid-hack, North Korea’s ScarCruft went academic, and Google had to patch 120 Android flaws (yes, 120 — not a typo).

🏭 Meanwhile, Bridgestone and Jaguar Land Rover hit the cyber brakes, Salesloft Drift’s supply-chain chaos keeps expanding, and a misconfigured server spilled 378GB of Navy Federal data like a coffee cup on a Monday keyboard.

💸 Oh, and France fined Google €325M for cookie violations. Cookies should be shared — just not like that.

Whether you're into cloud misconfigs, espionage backdoors, or the latest in malware delivery creativity, we’ve got your roundup — short, sharp, and 100% threat actor free.

👇 Click through for this week’s full cybersecurity recap

🚨 Major Cyberattacks & Data Breaches

From automakers to cloud security vendors, attackers kept pressure on industries with targeted intrusions and leaks.

• 🛡️ Zscaler breach exposes customer data after Salesforce compromise (Published on 9/1/2025, BleepingComputer). Read More

• 🚗 Jaguar Land Rover cyberattack disrupts production systems (Published on 9/2/2025, BleepingComputer). Read More

• 🏭 Bridgestone confirms cyberattack impacting manufacturing in North America (Published on 9/4/2025, BleepingComputer). Read More

• 💾 Misconfigured server leaks 378GB of Navy Federal Credit Union files (Published on 9/3/2025, Hackread). Read More

• 📊 Extent of Salesloft Drift attacks still unclear as breaches spread (Published on 9/4/2025, Dark Reading). Read More

🛡️ Malware & Vulnerabilities

Critical flaws and stealthy malware techniques underscored the evolving threat landscape.

• 📱 Android droppers now deliver spyware and SMS stealers, not just banking trojans (Published on 9/1/2025, The Hacker News). Read More

• 🧬 MystRodX backdoor uses DNS & ICMP triggers for stealth (Published on 9/2/2025, The Hacker News). Read More

• 🔧 Sangoma patches CVSS 10 FreePBX zero-day under active exploitation (Published on 9/2/2025, SecurityWeek). Read More

• 📱 Google Android September patch fixes 120 flaws, including two exploited zero-days (Published on 9/3/2025, The Hacker News). Read More

• 🎨 VirusTotal finds SVG-based phishing attacks bypassing detection (Published on 9/5/2025, The Hacker News). Read More

• 🔑 Argo CD flaw leaks repository credentials with low-level tokens (Published on 9/5/2025, BleepingComputer). Read More

📡 Espionage & Nation-State Operations

State-linked actors targeted critical accounts, energy firms, and academic institutions.

• ☁️ Amazon disrupts Russian APT29 (Midnight Blizzard) targeting Microsoft 365 accounts (Published on 9/1/2025, BleepingComputer). Read More

• 🎓 North Korea’s ScarCruft uses RokRAT malware to target academics (Published on 9/1/2025, Hackread). Read More

• ⚡ U.S. offers $10M reward for three Russian hackers tied to energy sector attacks (Published on 9/4/2025, SecurityWeek). Read More

🌐 DDoS, Outages & Infrastructure

Service resilience was tested as attackers pushed internet-scale disruptions.

• 🌊 Cloudflare mitigates record-breaking 11.5 Tbps DDoS attack (Published on 9/2/2025, SecurityWeek). Read More

• 📶 CISA warns Wi-Fi range extender flaw under active attack; urges device retirement (Published on 9/3/2025, SecurityWeek). Read More

⚖️ Policy, Regulation & Industry Trends

Regulators and courts weighed in on privacy, trust, and corporate accountability.

• 🇫🇷 France fines Google €325M for cookie violations & ad tracking in Gmail (Published on 9/4/2025, BleepingComputer). Read More

• 🔏 Misissued 1.1.1.1 certificates spark global trust concerns (Published on 9/4/2025, Ars Technica). Read More

• ⚖️ Scale AI sues competitor Mercor over alleged stolen trade secrets (Published on 9/4/2025, Gizmodo). Read More

🚔 Law Enforcement & Cybercrime

Authorities tackled piracy, scams, and fraud operations at scale.

• 📺 Global IPTV piracy network uncovered, targeting Netflix, Disney, HBO (Published on 9/5/2025, Malware News). Read More

• 🎥 Scammers exploit Grok AI with malicious video ads on X (Published on 9/5/2025, Hackread).

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!