
From the CISO Series, it's Cybersecurity Headlines. These are the cybersecurity headlines for Friday, September 26, 2025. I'm Steve Prentiss.

Microsoft to offer free Windows 10 security updates in Europe

Microsoft says it will offer these extended security updates for Windows 10 users in the European Economic Area, which includes Iceland, Liechtenstein, Norway and all 27 European Union member states. The decision was made after pressure was exerted by Euroconsumers, a Luxembourg-based consumer protection organization that represents 1.5 million households across Europe and Brazil. The company has also asked that Microsoft postpone the Windows 10 end of support date beyond October 14, 2025, noting that previous versions such as Windows 7 and Windows XP were supported for more than seven years after Windows 8 and Vista were introduced. End quote.

Teenage Vegas casino hacker released to parents

Following up on a story we covered exactly two years ago, a 17-year-old hacker who surrendered to face charges over cyber attacks targeting Vegas casinos in 2023 has been released into the custody of his parents, according to a family court judge ruling. The teen is believed to be part of the Scattered Spider group, which compromised the networks of MGM Resorts and Caesars Entertainment casinos, deploying BlackCat/ALPHV ransomware. The attack cost MGM more than $100 million in damages. The teen has had his access to the Internet restricted to educational use only, and speculation abounds as to whether he is still in possession of $1.8 million in Bitcoin, which is believed to be related to the attacks.

Boyd Gaming hacked, employee data stolen

In other casino-related news, the Las Vegas company Boyd Gaming has announced the theft of employee information as a result of a recent cyber attack. In a notification to the Securities and Exchange Commission, the company stated that data on employees and a limited number of other individuals was stolen from its internal IT system on Tuesday evening, but that the attack had no impact on Boyd Gaming properties or business operations. The company did not say when the attack occurred or whether it involved ransomware. Boyd Gaming operates casinos and resorts across the US with facilities in 11 states.

Supermicro BMC flaws can create persistent backdoors

Researchers at firmware security company Binarly are warning of two vulnerabilities affecting firmware from Supermicro, a manufacturer of servers, motherboards and datacenter hardware. The vulnerabilities in the baseboard management controller product allow attackers to update systems with maliciously crafted images. The researchers discovered a bypass for a flaw that Supermicro had actually patched this past January, along with another vulnerability. They say the issue could allow potential attackers to gain complete and persistent control of both the BMC system and the main server OS. End quote.

Huge thanks to our sponsor, Conveyor. Logging in to yet another security questionnaire portal on a Friday at 3pm? Yeah, that's chaos. Conveyor AI is your fast path to. Com. It finds every question, no matter the format, and fills in the answers across portals, spreadsheets, PDFs, well, you name it. So instead of grinding through copy-paste, you get a first pass of accurate answers in minutes. Find your Friday zen at www.conveyor.com. That is C-O-N-V-E-Y-O-R.com.

Salesforce patches AI indirect prompt injection bug

Cybersecurity researchers from Noma Security have disclosed a critical flaw impacting Salesforce Agentforce, which is a platform for building artificial intelligence agents. The flaw could allow attackers to exfiltrate sensitive data from its CRM tool by way of an indirect prompt injection. The vulnerability, named ForcedLeak, has a CVSS score of 9.4 and affects any organization using Salesforce Agentforce with the Web-to-Lead functionality enabled. Indirect prompt injection occurs when malicious instructions are inserted into external data sources accessed by the service, effectively causing it to generate otherwise prohibited content or take unintended actions.

Preschool network attacked, toddlers' data published

In an attack described by people in the cybersecurity business as reprehensible and sinking to the lowest depths possible, a cybercrime outfit named the Radiant Group has successfully targeted Kido International, that is Kido, a preschool and daycare organization. The group then leaked sensitive details about the pupils and parents, including images, names and home addresses, parents' contact details and, in some cases, places of work. All the affected individuals thus far appear to be based in the UK.

Volvo North America discloses data breach following ransomware attack on third-party supplier

This attack exposed the personal data of Volvo North America employees following a ransomware attack on third party supplier, as we reported last month. This attack occurred in August and impacted at least 25 companies, including Scandinavian airline SAS as well as 200 Swedish municipalities. The affected systems are used by managers and HR to handle medical certificates, rehabilitation matters and the reporting and management of work-related injuries. End quote. The ransomware group DataCarry claimed responsibility for the attack on Miljödata and also published allegedly stolen data on its Tor leak site.

ZendTo discloses flaw

A critical path traversal flaw in the file transfer application ZendTo, that is Zendto, has been assigned a CVE number after researchers discovered that versions 6.15 through 7 and prior enable authenticated users to manipulate the file paths and retrieve sensitive data from the host system. End quote. Security company Horizon3.ai reported that the server-side sanitation routine strips non-alphanumeric characters from the file drop-off process, but if an attacker supplies a line of non-alphanumeric characters, the sanitation leaves an empty or dot-only string. Ultimately, this leads to a method that can enumerate and exfiltrate any user-uploaded content or critical system files.

As usual, we've got a busy Friday of live streams today. It starts at 1pm Eastern with Super Cyber Friday, where the topic will be Hacking Security Theater, an hour of critical thinking about compliance checkboxes that don't actually improve things, and then at 3:30pm Eastern time, we have our Week in Review show. Our guests this week will be Brett Conlan, CSO of American Century Investments, and TC Nijikowski, Head of Security and IT at Opendoor. They will be providing their expert commentary on the news of the week and you are welcome to do the same by joining us on YouTube Live. To register, just simply head on over to the events page at cisoseries.com.

If you want to help make some great content for the CISO Series, we've got a great way for you to participate. We need our listeners to fill out a quick five-question survey. They are Family Feud style questions and your responses will be used for an upcoming live event. So if you've got an extra minute while you're there at cisoseries.com, go to the participate page to fill out the form.

And finally, of course, if you have some thoughts on the news from today or about this show in general, please be sure to reach out to us at feedback@cisoseries.com. We would love to hear from you. I'm Steve Prentiss reporting for the CISO Series. Cybersecurity Headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines.

Podcast: Cyber Security Headlines
Host: CISO Series (Steve Prentiss)
Date: September 26, 2025
Episode Title: Windows 10 extension, teenage Vegas hacker released, Boyd Gaming hacked
This episode provides a rapid rundown of the day’s most critical cyber security stories, with a focus on major incidents and vulnerabilities affecting corporations, public organizations, and individuals. Stories covered include policy shifts from Microsoft regarding Windows 10 security, casino breaches in Las Vegas, severe vulnerabilities in enterprise hardware and software, and ethically troubling data leaks.
Euroconsumers pushing Microsoft:
"[Euroconsumers]...asked that Microsoft postpone the Windows 10 end of support date beyond October 14, 2025, noting that previous versions such as Windows 7 and Windows XP were supported for more than seven years after Windows 8 and Vista were introduced." – Steve Prentiss [00:34]
Teen hacker speculation:
"The teen has had his access to the Internet restricted to educational use only, and speculation abounds as to whether he is still in possession of $1.8 million in Bitcoin, which is believed to be related to the attacks." – Steve Prentiss [01:32]
Supermicro BMC criticality:
"They say the issue could allow potential attackers to gain complete and persistent control of both the BMC system and the main server OS." – Steve Prentiss [02:54]
Preschool hack condemnation:
"...an attack described by people in the cybersecurity business as reprehensible and sinking to the lowest depths possible..." – Steve Prentiss [04:19]
Steve Prentiss delivers the news in a brisk, authoritative, and factual style, with occasional injected commentary reflecting industry outrage or context (e.g., the preschool attack). The focus is on rapid dissemination of facts with clear attributions and concise technical explanations.
This September 26, 2025, episode of Cyber Security Headlines condensed a series of impactful stories for security professionals. Key themes included the tension between technology vendors and consumer advocates (Microsoft support cycle), the persistent threat of ransomware and data breaches in both the gaming and education sectors, and fresh vulnerabilities in both hardware (Supermicro) and cloud software (Salesforce, ZendTo). The episode used memorable quotes to highlight industry responses, ensuring listeners are up to speed on pressing threats, shifting policies, and the ethical dimensions of recent hacks.