British police arrested a man in his 40s in West Sussex on Tuesday over a cyberattack that disrupted major European airports last weekend. The attack hit Berlin, Brussels, and London Heathrow airports starting Friday, forcing staff to handwrite boarding passes and use backup systems.

The cyberattack targeted Collins Aerospace software used for check-in, boarding passes, and baggage handling. Berlin Airport warned Wednesday that disruptions could continue for several more days as technicians work to restore secure systems. Heathrow reported most flights were operating normally by Tuesday.

The suspect was released on conditional bail while the National Crime Agency continues investigating.

Source: CBS News

GitHub is implementing stricter security measures for the NPM registry following a series of devastating supply chain attacks over the past three months. The most severe incident involved the Shai-Hulud self-replicating worm, which compromised 195 packages and pushed over 500 malicious versions to the registry last week.

Earlier attacks targeted maintainer Josh Junon's 18 packages (with 2.5 billion weekly downloads) through phishing, and July saw typosquatting attacks on packages with 30 million combined weekly downloads.

GitHub's response includes mandatory two-factor authentication for local publishing, granular tokens expiring after seven days, and trusted publishing that eliminates long-lived tokens. The platform will also deprecate legacy authentication methods and gradually roll out changes to minimize workflow disruption.

Source: Security Week

CISA has issued an urgent warning about a high-severity zero-day vulnerability in Google Chrome that hackers are actively exploiting in attacks. The flaw, tracked as CVE-2025-10585, affects Chrome's V8 JavaScript engine and allows attackers to execute malicious code on victims' computers.

Google's Threat Analysis Group discovered the vulnerability on September 16, 2025. This marks the sixth Chrome zero-day exploited this year, showing attackers continue targeting browser vulnerabilities.

Federal agencies must patch by October 14, 2025, but CISA urges everyone to update immediately. Users should update Chrome to version 140.0.7339.185/.186 through the browser's Help menu. Other Chromium-based browsers like Edge and Brave also need updates.

Source: Cybersecurity News

Iranian cyber-espionage group "Nimbus Manticore" has expanded beyond the Middle East to target critical infrastructure in Denmark, Portugal, and Sweden. The IRGC-linked hackers are hitting defense manufacturing, telecommunications, and aviation companies using two new malware variants: "MiniJunk" and "MiniBrowse."

Their attacks start with fake HR recruitment emails appearing to come from companies like Airbus and Boeing. Victims are directed to phony job sites that download malicious archives disguised as hiring materials.

MiniJunk is a significantly upgraded backdoor that uses advanced obfuscation techniques, code signing, and multiple command servers to avoid detection. The malware can steal files, execute processes, and maintain persistent access to compromised systems.

Check Point researchers say the group's sophisticated tactics represent "a significant increase in the actor's abilities," making detection much harder for defenders.

Source: Dark Reading

Flight delays continue plaguing major European airports including London Heathrow, Brussels, Dublin, and Berlin following Friday's ransomware attack on Collins Aerospace. The cyber-attack targeted the company's Muse software used for check-in and boarding systems across multiple airlines worldwide.

Collins Aerospace, a subsidiary of RTX, says it's in final stages of restoring full functionality while working with four affected airports. Airport staff have resorted to manual processing as kiosks and bag-drop machines remain offline. Brussels canceled 63 flights on Monday alone.

The EU's cybersecurity agency confirmed it was ransomware, where hackers lock systems demanding payment. Officials suggest state-sponsored actors could be responsible, though private entities remain possible culprits. Airline stocks dropped Monday, with IAG falling 1.2% and easyJet down 1.4%.

Source: The Guardian

A cyber attack on RTX's Muse software has crippled check-in systems at major European airports including London Heathrow, Brussels, Berlin, and Dublin for three straight days. The software handles passenger check-ins, boarding passes, and baggage tagging across multiple airlines.

Airlines were forced to resort to pen-and-paper check-ins as the digital systems remained offline. Heathrow reported that most flights continued operating despite delays, while Brussels Airport directly called it a "cyber attack."

Security experts warn these supply chain attacks are becoming more frequent in aviation, exploiting shared systems that serve multiple airlines simultaneously. The incident highlights the industry's vulnerability when critical third-party platforms fail.

Source: Infosecurity Magazine

Cybercriminals are increasingly attacking industrial control systems (ICS) using malicious JavaScript and fake vendor websites. In Q2 2025, 6.49% of ICS computers blocked these web-based threats, making them the top danger to industrial networks.

Attackers send phishing emails with links to cloned vendor portals. When workers click these links, malicious scripts automatically download and create backdoors into critical systems. The criminals then steal credentials and can directly control programmable logic controllers and SCADA systems.

Several attacks caused real damage—one altered chemical processing temperatures, triggering emergency shutdowns. Another disabled safety systems after stealing privileged accounts through fake support portals. Africa and Southeast Asia saw the most attacks, while Northern Europe faced fewer attempts.

Source: Cybersecurity News

A cyberattack on Friday night disrupted check-in and boarding systems at major European airports including Brussels, Berlin's Brandenburg, and London's Heathrow on Saturday. The attack targeted Collins Aerospace's MUSE software, forcing airports to resort to manual check-in processes.

Brussels Airport saw nine flight cancellations and 15 delays of over an hour, though the overall impact remained limited. Passengers faced longer waits as staff had to write baggage tags by hand at understaffed counters.

Experts called the attack "very clever" since it hit multiple airports simultaneously through a single system provider. The aviation industry's reliance on shared digital platforms makes it an attractive target for cybercriminals, with the attack's motive still unclear.

Source: Security Week

Security researcher "Ynwarcs" has published proof-of-concept exploit code for CVE-2024-38063, a critical zero-click vulnerability affecting all Windows systems with IPv6 enabled. Originally discovered by XiaoWei of Kunlun Lab, this remote code execution flaw targets Windows 10, Windows 11, and Windows Server without requiring any user interaction.

The exploit code is now available on GitHub for researchers to study, but this also increases the risk of malicious actors exploiting the vulnerability. Microsoft is urging users to install the latest security updates immediately to protect against potential attacks. Organizations should prioritize patching and monitor for unusual IPv6 packet activity.

Source: Dark Reading

A devastating cyberattack has crippled Jaguar Land Rover for three weeks, forcing the closure of all factories in the UK, Slovakia, Brazil, and India. The hack, discovered in late August, has left Britain's largest automotive employer unable to produce vehicles, potentially costing hundreds of millions of pounds.

The attack exposed vulnerabilities in JLR's interconnected "smart factory" systems, managed by outsourcing giant Tata Consultancy Services under an £800m contract. When hackers breached the network, JLR couldn't isolate affected systems and was forced to shut down everything.

The crisis threatens JLR's entire supply chain of 700+ companies across the West Midlands. Workers remain furloughed with no clear restart date, while suppliers face potential bankruptcy. The government is providing daily support and considering financial aid for struggling suppliers as the automotive industry braces for a prolonged shutdown.

Source: The Guardian