Svoboda Cybersecurity Brief September 21, 2025

Cyberattack Disrupts Major European Airports

A cyberattack on Collins Aerospace (a subsidiary of RTX) disrupted check-in and boarding systems at Heathrow, Brussels, and Berlin airports, causing flight delays and cancellations. The attack forced airports to switch to manual check-in operations as mitigation. RTX confirmed the issue was a “cyber-related disruption” affecting electronic check-in systems.
Source: DataBreaches.net

Teen Surrenders in 2023 Las Vegas Casino Cyberattack Case

A teenage suspect linked to the 2023 MGM Resorts and Caesars Entertainment cyberattacks surrendered to authorities in Las Vegas. The individual faces six felony charges, including extortion, conspiracy, and unlawful computer acts, with prosecutors seeking to try them as an adult.
Source: DataBreaches.net

Canada Shuts Down TradeOgre Crypto Exchange, Seizes $40M

Canadian authorities dismantled TradeOgre, a privacy-focused cryptocurrency exchange, and seized $40 million in crypto tied to criminal activities. The platform facilitated money laundering by skipping KYC checks and supporting Monero transactions. Non-criminal users may seek recourse via courts.
Source: BleepingComputer

LastPass Warns of Fake GitHub Repos Spreading Atomic Infostealer

LastPass warns of a macOS-targeted campaign that uses SEO-poisoned GitHub repositories impersonating tools like 1Password, Dropbox, and Shopify. Victims are tricked into executing Terminal commands that deploy Atomic Stealer malware. Attackers evade takedowns by cycling GitHub usernames.
Impact: Credential theft and system compromise.
Mitigation: Verify repository legitimacy and avoid executing untrusted scripts.
Source: The Hacker News

GPT-4-Powered MalTerminal Malware Discovered

Researchers identified MalTerminal, the earliest known LLM-embedded malware, which uses OpenAI’s GPT-4 to dynamically generate ransomware or reverse shell code. The malware predates November 2023 (using a deprecated API) but shows no evidence of real-world deployment.
Impact: Potential for adaptive malware leveraging generative AI.
Mitigation: Monitor for unusual LLM API usage and restrict model access.
Source: The Hacker News

ShadowLeak: Zero-Click Gmail Data Theft via OpenAI’s Deep Research

A zero-click flaw in OpenAI’s ChatGPT Deep Research agent allowed Gmail data exfiltration via hidden email prompts. Attackers injected Base64-encoded commands to steal inbox data, bypassing client-side defenses. OpenAI patched the issue in August 2025.
Impact: Sensitive email data leakage via cloud-based AI agents.
Mitigation: Disable unnecessary integrations and monitor AI agent activity.
Source: The Hacker News
