Daily Cyber News – September 30th, 2025
This is today’s cyber news for September 30th, 2025. You can find previous editions and more at daily cyber dot news.
Akira ransomware actors are exploiting a SonicWall SSL-VPN issue tracked as CVE-2024-40766 to bypass multi-factor authentication and move fast once inside. The pattern matches the current edge-device reality: hit the gateway, sidestep strong login, pivot with RDP and domain tools, and then encrypt selectively after grabbing sensitive shares. Reporting points to compressed dwell times—sometimes hours—not days, with credential reuse and quick lateral movement. If you’re running affected builds, the window between probing and encryption can be brutally short, so detection has to be tuned for early signs like anomalous logins and surprise local admin creations. Recommendation: patch immediately, rotate anything tied to the VPN, and hunt for rapid multi-host encryption behaviors.
A rogue npm package named “postmark-mcp” embedded a malicious Model Context Protocol server that quietly BCC’d outgoing emails to an attacker, blending AI-agent plumbing with classic exfiltration. That’s dangerous because developer and automation environments often handle password resets, alert digests, and internal notifications—high-value messages that move secrets and session recovery links. Telemetry indicates the package saw real downloads before takedown, and the minimal code footprint means quick diffs might miss the backdoor on first pass. It widens the software supply-chain lens to include agent protocols and their tiny services, not just libraries. Recommendation: pin versions, verify maintainers, and scan mailer logs for odd BCC lines during the exposure window.
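One way to run the recommended mailer-log check, as an added example for this edition rather than code from Postmark or the package’s authors: it parses a constructed key=value log layout (real mailer logs differ, so adapt parse_line), flags every BCC recipient whose domain is not on your allowlist, restricts the scan to the exposure window, and counts how often each unexpected address shows up. The domains, addresses and the ALLOWED_DOMAINS set are placeholders.

```python
"""Scan outbound mailer logs for BCC recipients outside your own domains.

Added example, not code from Postmark or the postmark-mcp package. The log format is a
constructed key=value layout; adapt parse_line() to your mailer. All addresses are placeholders.
"""
import re
from collections import Counter
from typing import Dict, Iterable, List, Optional

ALLOWED_DOMAINS = {"corp.example"}  # assumption: domains where a BCC copy is legitimate

# key=value pairs; values may be quoted (subject="...") or bare (to=addr)
LINE_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample log: a3-a5 carry a BCC to an address outside corp.example.
SAMPLE_LOG = """\
2025-09-29T10:15:02Z msgid=a1 from=noreply@corp.example to=alice@corp.example subject="Password reset"
2025-09-29T10:15:03Z msgid=a2 from=noreply@corp.example to=bob@corp.example bcc=ops-archive@corp.example subject="Alert digest"
2025-09-29T10:16:40Z msgid=a3 from=noreply@corp.example to=carol@partner.example bcc=collect@attacker-placeholder.example subject="Password reset"
2025-09-29T10:17:11Z msgid=a4 from=noreply@corp.example to=dave@corp.example bcc=collect@attacker-placeholder.example,audit@corp.example subject="MFA code"
2025-10-02T08:00:00Z msgid=a5 from=noreply@corp.example to=erin@corp.example bcc=collect@attacker-placeholder.example subject="Welcome"
"""


def parse_line(line: str) -> Dict[str, str]:
    """First token is the UTC timestamp; the rest is key=value pairs."""
    ts, _, rest = line.partition(" ")
    fields = {k: v.strip('"') for k, v in LINE_RE.findall(rest)}
    fields["ts"] = ts
    return fields


def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()


def find_suspect_bcc(log_text: str, allowed: Iterable[str],
                     since: Optional[str] = None, until: Optional[str] = None) -> List[Dict[str, str]]:
    """Return one record per (message, BCC address) whose domain is not in `allowed`.

    since/until are ISO-8601 UTC strings; they sort correctly as plain strings, so the
    exposure window can be applied without parsing dates.
    """
    allowed_set = {d.lower() for d in allowed}
    hits: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if since and rec["ts"] < since:
            continue
        if until and rec["ts"] > until:
            continue
        # A message may carry several BCC addresses, comma-separated.
        for addr in filter(None, rec.get("bcc", "").split(",")):
            if _domain(addr) not in allowed_set:
                hits.append({"ts": rec["ts"], "msgid": rec.get("msgid", "?"),
                             "bcc": addr, "subject": rec.get("subject", "")})
    return hits


def bcc_summary(hits: List[Dict[str, str]]) -> Counter:
    """Messages per unexpected BCC address: one address across many messages is the
    exfiltration signature, as opposed to a one-off typo."""
    return Counter(h["bcc"] for h in hits)


if __name__ == "__main__":
    found = find_suspect_bcc(SAMPLE_LOG, ALLOWED_DOMAINS)
    for h in found:
        print(h["ts"], h["msgid"], h["bcc"], repr(h["subject"]))
    print(bcc_summary(found))
```

Run it against the export of your mail provider’s activity log for the dates the package was installed; a single outside address recurring across password-reset and MFA subjects is the pattern to escalate, and the same loop works for Cc fields by swapping the key.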
Microsoft is warning about phishing that hides inside SVG image files crafted with help from large language models, and the goal is to sneak past scanners. The images look harmless in previews, but embedded JavaScript pieces assemble only when someone clicks, redirecting to credential harvesters or malware downloads. Campaigns chain cloud file hosts, short-lived domains, and HTML smuggling, which keeps indicators fleeting and detection brittle. Once attackers capture a session token or password, they validate access and fan out through federated apps. It’s a reminder that images can be code and gateways aren’t great at spotting it. Recommendation: filter or strip active SVG content at the mail boundary and on endpoints where you can.
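What “strip active SVG content” looks like in practice, as an added example that is not Microsoft’s code or part of this report: the sanitizer removes `<script>` and `<foreignObject>` elements, `on*` event-handler attributes, and `href`/`xlink:href` values that use the `javascript:` or `data:` schemes, and returns a list of findings so a gateway can either rewrite the file or quarantine it. The sample SVG is constructed; the element and scheme lists are the author’s choice of what to treat as active.

```python
"""Strip active content from SVG files before they reach a mailbox or an endpoint.

Added example, not code from Microsoft or any vendor in this edition. The sample SVG is
constructed. For untrusted input in production, parse with defusedxml instead of the stdlib
parser to avoid entity-expansion tricks; the sanitizing logic stays the same.
"""
import xml.etree.ElementTree as ET
from typing import List, Tuple

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_NS = "http://www.w3.org/1999/xlink"

# Elements that carry or host executable content inside an SVG document.
ACTIVE_ELEMENTS = {"script", "foreignObject"}
# Attributes that take a URL and can therefore smuggle a javascript: or data: payload.
URL_ATTRS = {"href", "{%s}href" % XLINK_NS}
UNSAFE_SCHEMES = ("javascript:", "data:")

# Constructed lure: a handler on the root, a javascript: link, and an inline script.
SAMPLE_SVG = """<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
     width="200" height="100" onload="alert('lure')">
  <a xlink:href="java&#10;script:alert('lure')">
    <rect width="200" height="100" fill="#eee"/>
  </a>
  <script><![CDATA[ /* pieces assembled on click */ ]]></script>
  <text x="10" y="50">Invoice attached</text>
</svg>"""


def _local(name: str) -> str:
    """'{ns}tag' -> 'tag' (ElementTree uses Clark notation for namespaced names)."""
    return name.rsplit("}", 1)[-1]


def _unsafe_url(value: str) -> bool:
    # Collapse whitespace so "java\nscript:" style obfuscation does not slip past the prefix check.
    return "".join(value.split()).lower().startswith(UNSAFE_SCHEMES)


def _prune(el: ET.Element, findings: List[str]) -> None:
    """Remove active child elements recursively; ElementTree has no parent pointers,
    so deletion happens from the parent's side."""
    for child in list(el):
        if _local(child.tag) in ACTIVE_ELEMENTS:
            findings.append(f"removed <{_local(child.tag)}> element")
            el.remove(child)
        else:
            _prune(child, findings)


def sanitize_svg(svg_text: str) -> Tuple[str, List[str]]:
    """Return (sanitized SVG text, findings). Empty findings means nothing active was present."""
    ET.register_namespace("", SVG_NS)
    ET.register_namespace("xlink", XLINK_NS)
    root = ET.fromstring(svg_text)
    findings: List[str] = []

    _prune(root, findings)
    for el in root.iter():
        name = _local(el.tag)
        for attr in list(el.attrib):
            if _local(attr).lower().startswith("on"):
                findings.append(f"removed event handler {_local(attr)} on <{name}>")
                del el.attrib[attr]
            elif attr in URL_ATTRS and _unsafe_url(el.attrib[attr]):
                findings.append(f"removed {_local(attr)} with unsafe scheme on <{name}>")
                del el.attrib[attr]

    return ET.tostring(root, encoding="unicode"), findings


def has_active_content(svg_text: str) -> bool:
    """Detection-only variant for a gateway that quarantines rather than rewrites."""
    return bool(sanitize_svg(svg_text)[1])


if __name__ == "__main__":
    clean, found = sanitize_svg(SAMPLE_SVG)
    for f in found:
        print("finding:", f)
    print(clean)
```

The `&#10;` inside the sample href is decoded by the XML parser into a newline, which is why the scheme check collapses whitespace before comparing; a check that only looks at the raw prefix would pass that file. Rewriting is the right default for an endpoint that still needs to display the image; a mail boundary usually does better to quarantine on any finding.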
Dutch authorities arrested two teenagers accused of gathering reconnaissance for pro-Russian hackers, allegedly recruited on chat apps with small crypto payments and promises of notoriety. Tasks were low-skill but useful: scans of school-adjacent networks, scraping staff directories, and screenshots of internal portals. None of that is “Hollywood hacking,” but stitched together it fuels targeted spear-phishing and credential stuffing. The case shows how espionage can be distributed to minors to add deniability and reduce risk for handlers. Payment trails and device logs reportedly tied aliases back to earlier influence operations. It’s a teachable pattern for both schools and companies. Recommendation: expand digital safety education to include recruitment red flags and fast-track takedowns of suspected handler accounts.
The DarkCloud infostealer is back with a version 4.2 that adds browser-extension hooks, lightweight persistence, and modular exfiltration. It goes after password vaults, crypto wallets, and messaging tokens first, then moves to mail and FTP clients, prioritizing whatever gives quick account takeover. Distribution leans on bundled “productivity” installers and malvertising that points to cloned vendor sites, with command-and-control rotating behind bulletproof hosts. Once it lands, DarkCloud flags single sign-on cookies and tries to sync to new devices silently, making reuse faster for criminals. Fresh logs hit mid-tier marketplaces quickly via stealer-log API feeds. Recommendation: block unknown extensions, reset tokens on suspect hosts, and monitor for impossible-travel logins tied to newly enrolled devices.
A UK jury convicted the so-called “Bitcoin Queen” in a case tied to the world’s largest crypto seizure, about five and a half billion pounds. Investigators spent years combining chain analysis with off-chain data—exchange KYC, device forensics, and IP logs—to trace flows through mixers and peel chains. The prosecution argued that laundering patterns, spending clusters, and correlated records told a consistent story even when wallets shifted and hops stacked up. Courts had to manage the complexity of safeguarding keys and evidence while keeping the trial on track, which is hard at this scale. For defenders, the lesson is that traditional fraud now pivots through crypto rails but still leaves usable fingerprints. Recommendation: apply exchange-grade screening to any corporate crypto activity and log ownership proofs.
WestJet is notifying US residents about a June breach that touched back-office systems for reservations and HR, which raises the stakes beyond Canadian regulators. Airlines hold data that makes excellent lures: loyalty numbers, travel histories, and itinerary emails that match real trips. Attackers time follow-on phishing to flight changes or refund windows, and victims click because the details feel legitimate. Even when financial data isn’t exposed, identity elements and contact details power account takeovers and social engineering. WestJet says the intrusion was contained and third-party responders are on it, with support offers rolling out to affected people. Recommendation: reset loyalty passwords, turn on MFA, and treat any “flight change” or “refund” message as hostile unless you confirm in-app.
Moldova reported hostile activity against its Central Election Commission during a pro-EU vote, and officials framed it as part of a broader hybrid playbook. Public-facing services saw surges in traffic and probing of backend systems that support voter information and results publishing, while fringe channels amplified narratives meant to shake confidence in the tally. The pattern—target selection, timing, and messaging—echoes prior Russian-aligned activity in the region. Core vote-capture processes stayed intact, but ancillary portals had intermittent outages and a few defacements that seeded confusion. It’s the classic “disrupt and doubt” approach, not a clean knockout. Recommendation: stage static results mirrors and geo-throttle non-local traffic on election infrastructure.
A new industry survey says artificial intelligence has moved from pilots to everyday essentials inside security operations centers, especially for alert triage, correlation, and detection engineering. Teams report lower mean-time-to-respond and less analyst fatigue as models summarize cases and suggest hypotheses inside the same workflow, reducing the swivel-chair effect across consoles. The blockers are familiar: model transparency, data residency, evaluation quality, and the need for guardrails that bind models to approved playbooks. Budgets are shifting from experimental licenses to embedded platform features, which signals durable adoption. This isn’t hype; it’s operators voting with process and spend. Recommendation: formalize AI use cases with measurable KPIs and require audit logs for every model-assisted step.
Another study tested whether AI can write reliable vulnerability checks, and the results were mixed. Models produced plausible code and test scaffolding for real CVEs, but they missed edge cases, version quirks, and safe-by-default behavior that you’d expect from production detections. False positives spiked when prompts lacked exact build details, and some outputs embedded insecure patterns that wouldn’t pass code review. Red-team prompts even nudged models toward noisy or broken checks, which can mask real exploitation. The takeaway is simple: great drafts, unreliable final product without human gates. Recommendation: treat AI-generated detections as drafts—lint them, unit-test against known-good and known-bad, and mandate peer review.
Researchers detailed design flaws in Tile trackers that let abusers stalk targets while dodging anti-stalking alerts. By chaining account-linking quirks with timing gaps in the “unknown tracker” logic, an attacker can persistently follow someone and still harvest location pings from passerby phones in the Tile network. Manual scans and notification toggles didn’t reliably catch the device in certain scenarios, and resets didn’t always help. The risk isn’t abstract: these are inexpensive, widely deployed, and often gifted. Tile says it’s investigating and evaluating mitigations, but the exposure today is practical. Recommendation: prefer trackers with strong cross-platform unwanted-tracking alerts and routinely scan for unknown Bluetooth beacons.
OpenAI explained that conversations involving potentially dangerous intent get routed automatically to specialized safety models that filter content, add friction, or stop output altogether. The system looks for cues—weaponization, self-harm, targeted harassment—and switches the serving stack while preserving auditability for governance. For regulated customers, that means observability shifts and outcomes may change under sensitive conditions, even if prompts look similar. It also clarifies that policy enforcement lives inside inference, not just as a separate layer. If you’re standardizing on models for enterprise use, this matters for compliance and incident review. Recommendation: update AI governance to reflect conditional model routing and verify logs capture both primary and safety-model outputs.
