Cyber Briefing: 2025.09.10
Microsoft AD flaw, Adobe bug exploited, Salt Typhoon domains exposed, Nexar & Cornwell breached, Wealthsimple hit, Apple MIE launched, US sanctions $10B scams.
👉 What's trending in cybersecurity today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Microsoft Warns of AD DS Flaw
Microsoft has issued a new warning about a critical security flaw in Active Directory Domain Services, identified as CVE-2025-21293. This vulnerability, categorized as an "Elevation of Privilege" issue, could allow an attacker to gain complete control over a domain controller, posing a significant risk to the entire network.
2. Hackers Exploit Adobe Commerce Bug
Adobe has issued a critical warning about a severe security flaw, called SessionReaper, in its Commerce and Magento Open Source platforms that could let attackers take over customer accounts. The vulnerability, which has a CVSS score of 9.1, is considered one of the most serious in Magento's history.
3. Unreported Domains Expose Salt Typhoon
Threat hunters have uncovered a network of previously unknown domains, some dating back to 2020, that are connected to the Chinese cyberespionage groups known as Salt Typhoon and UNC4841. The discovery confirms that Salt Typhoon's recent attacks were not a one-time event, and the identified infrastructure overlaps with domains used by UNC4841, a group known for exploiting vulnerabilities in Barracuda Email Security Gateway appliances.
💥 Cyber Incidents
4. Nexar Dashcam Database Breached
A recent report revealed a hacker gained access to a database of video recordings from Nexar dashcams, finding over 130 terabytes of data, including clips with clearly visible faces. The breach was made possible by a high-privilege key embedded in every Nexar camera, which left the company's Amazon Web Services (AWS) database improperly secured.
5. Cornwell Tools Data Breach Hits 104k
Cornwell Quality Tools is notifying over 100,000 individuals of a data breach that exposed sensitive information, including Social Security numbers and financial data. The ransomware group Cactus has claimed responsibility for the attack and posted sample documents online to prove its claim.
6. Wealthsimple Platform Data Breach
Wealthsimple, a Canadian investment platform, recently experienced a data breach impacting a small percentage of its clients. The breach was a result of a supply chain attack involving a compromised third-party software package.
📢 Cyber News
7. iPhone Air 17 with Security A19 chips
Apple has introduced a new security feature called Memory Integrity Enforcement (MIE) on its new iPhone models. MIE is designed to provide always-on protection against memory corruption attacks by leveraging an improved version of Arm's Memory Tagging Extension (MTE).
8. Azure Storage Logs Help Forensics
Following a security breach, forensic investigators frequently overlook Microsoft Azure Storage logs, a crucial source of evidence that can help trace an attacker's movements and data exfiltration.
9. US Sanctions Cyber Scammers
The U.S. Treasury Department has sanctioned several Southeast Asian cyber scam networks that stole over $10 billion from Americans last year. These operations, located primarily in Burma and Cambodia, are notorious for using forced labor and human trafficking to conduct online fraud.
📈 Cyber Stocks
In the early hours of Wednesday, September 10, 2025, cybersecurity stocks held mostly stable as investors looked to potential Federal Reserve rate cuts and renewed sector focus following a major cloud security IPO.
Radware (RDWR) closed at $25.77, lifted by confidence in its Q2 earnings and the global expansion of its cloud security services, signaling strong demand for AI-driven protection tools.
Rapid7 (RPD) ended at $20.39, edging lower as investors stayed cautious ahead of key inflation data that could influence broader tech sentiment.
Check Point Software Technologies (CHKP) settled at $196.56, trading steadily as sector-wide strength provided support in the absence of major stock-specific developments.
SentinelOne (S) finished at $17.98, slipping as macroeconomic concerns weighed on investor sentiment despite continued confidence in its AI-powered growth story.
Palo Alto Networks (PANW) closed at $197.55, showing resilience thanks to its strong strategic positioning in AI cybersecurity and investor interest in SASE leaders after Netskope’s IPO.
💡 Cyber Tip
🛡️ Patch Active Directory Now to Block Privilege Escalation
Microsoft has issued a warning about a critical flaw in Active Directory Domain Services that could let attackers escalate privileges to full SYSTEM control. While exploitation requires prior access with valid credentials, a successful attack could compromise an entire domain controller and put the entire network at risk.
✅ What you should do
Apply Microsoft’s latest security updates for Active Directory Domain Services immediately
Monitor for unusual authentication activity or privilege escalation attempts
Segment networks to reduce the impact of potential domain controller compromise
Strengthen defenses against credential theft, such as phishing-resistant MFA
Maintain a layered defense-in-depth strategy with patching, monitoring, and incident response
🔒 Why this matters
Even though Microsoft rates exploitation as less likely, the potential consequences of a domain controller takeover are catastrophic. Unpatched systems could give attackers persistent control across the Active Directory forest.
📚 Cyber Book
Hacker and Cybersecurity: Infinitely Accelerated Shopping Revolution by Carlton Napper
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.