In 1988, the Morris Worm was released — the first widely recognized worm on the internet. It unintentionally caused an estimated 10% of the internet to go offline.
🚨 Major Breaches & Incidents — JLR shutdown, Texas student data leak, Texas disaster grant exposure
🛡️ Emerging Threats & Vulns — EvilAI malware, Microsoft Patch Tuesday, Samsung Android zero-day, Salesforce attackers
🤖 AI in Cyber — ChatGPT calendar flaw, AI résumés + fake military IDs, smiley test vs. deepfakes
🕵️ Privacy Watch — LNER customer data leak
Jaguar Land Rover extends production halt after cybersecurity incident
JLR is keeping lines idle until Sept 24, 2025 as it digs out from a cyber incident that jammed operations. Details are scarce (classic), but the ripple effects through suppliers are the real story here.
👉️ Key takeaway: Even partial outages at a Tier-1 manufacturer cascade fast—map your dependencies, not just your endpoints.
PowerSchool breach affecting 880,000 Texas students blamed on lack of basic security
A 19-year-old reportedly pulled extensive student/teacher data via PowerSchool—think SSNs, medical info, addresses. Experts say missing basics (MFA, encryption-at-rest) made it way too easy.
👉️ Key takeaway: EdTech still flunks Security 101—if you store SSNs, you don’t get to skip MFA.
Texas disaster grant system data breach exposes tens of thousands
A misconfiguration in the Texas General Land Office’s Integrated Grant Reporting system exposed sensitive data for ~44,485 applicants from 2015–2024. Records included SSNs, bank details, and medical info—basically everything an identity thief dreams about.
👉️ Key takeaway: “Misconfiguration” remains the most expensive box to accidentally check.
“EvilAI” malware campaign exploits AI-generated code in critical sectors
Researchers say operators are leaning on AI-generated code plus targeted phish to move quickly across critical-infra environments. Automation lowers the skill floor; social engineering still closes the deal.
👉️ Key takeaway: Assume adversaries can spin up working exploit chains faster than your change-control cycle.
Microsoft September 2025 Patch Tuesday: two zero-days + many critical vulnerabilities
Redmond shipped fixes for 84 CVEs, including two exploited zero-days. Priv-esc and RCE lead the pack (as usual). If your patching strategy needs a caffeine drip, consider this your espresso shot.
👉️ Key takeaway: Prioritize the actively exploited pair first, then anything enabling lateral movement or remote code paths.
Samsung patches zero-day exploited in the wild against Android users
CVE-2025-21043—an out-of-bounds write in Samsung’s image codec—was under exploitation before the fix dropped. Impact hits Galaxy devices; update queues should not be optional here.
👉️ Key takeaway: “It’s just a media library” is how you end up with device-level compromise. Patch.
FBI warns of UNC6040 and UNC6395 targeting Salesforce platforms in data-theft attacks
A new FBI flash flags two crews tunneling into Salesforce orgs. One angle: compromised OAuth tokens linked to a third-party breach; the other: good old-fashioned data-exfil recon.
👉️ Key takeaway: Your SaaS is part of your attack surface—treat OAuth tokens like crown-jewel credentials.
ChatGPT’s new calendar integration can be abused to steal emails
Researchers showed how manipulative calendar invites could siphon email content via the new integration. It’s less “sci-fi AI hack” and more “classic data-leak plumbing”—but it leaks just the same.
👉️ Key takeaway: Treat productivity add-ons like code running in your inbox—because they are.
North Korean & Chinese hackers infiltrate companies using AI résumés and fake military IDs
Business Insider details operations using LLM-crafted résumés, forged IDs, and convincing lures to place operatives and steal access. When HR meets APT, background checks had better be more than vibes.
👉️ Key takeaway: Assume your hiring funnel is a threat surface—verify identities, not just LinkedIn.
Want to foil an AI deepfake? Tell it to draw a smiley face
A quirky “challenge-response” trick—asking for a simple visual or logic task—can trip up deepfakes in real time. Low-tech meets high-stakes, and the results are refreshingly human.
👉️ Key takeaway: Add lightweight verification prompts to live calls—cheap controls, big wins.
LNER customer data accessed via third-party supplier; no financial info leaked
The UK rail operator says contact and journey data were exposed through a supplier breach; passwords and payment data weren’t caught up. Still, travel metadata + emails = phishing field day.
👉️Key takeaway: Vendor risk means your customers get phished for someone else’s mistakes.