The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans
29 Sep 2025
As September 2025 comes to a close, ESET Chief Security Evangelist Tony Anscombe reviews a selection of the top cybersecurity stories that have made the headlines over the past 30 days and offers insights that they hold for your own cyber-defenses.
So what were some of the key cybersecurity stories of September 2025?
- some of Europe’s biggest airports experienced disruptions after a ransomware attack knocked out automated passenger processing systems provided by Collins Aerospace,
- Jaguar Land Rover (JLR), the UK’s largest car manufacturer, has announced that its global operations will remain closed until at least October 1st following a cyberattack on its IT systems in August,
- hundreds of npm (Node Package Manager) packages have been compromised in a supply-chain attack; the incident affecting what is the world’s largest JavaScript component registry has also prompted an alert from the US Cybersecurity and Infrastructure Agency (CISA),
- threat actors are impersonating known brands, including LastPass, in a widespread campaign aimed at compromising macOS users with information-stealing malware,
Don’t forget to check out the August 2025 edition of Tony’s monthly security news roundup for more insights.