Good Morning Security Gang!
It’s Thursday, September 4th, 2025, and I’m in a good mood this morning because—for once—we don’t have a massive breach headline leading the show. No stolen databases, no “another day, another ransomware.”
Instead, today’s CyberHub Podcast is all about compliance, regulation, and vulnerabilities, plus some wins for defenders and a big M&A move in AI security. Espresso in hand, let’s dive into it.
"I'm proud of today's program because for once, for once, we don't have a data breach announcement. This is great!" James Azar
💸 Google Fined $381M in France Over Gmail Ads
French regulators fined Google $381 million (€325M) for slipping promotional messages directly into Gmail inboxes and coercive cookie consent practices. Roughly 53 million Gmail users in France were affected. Regulators said the ads counted as direct marketing under French law, and Google has six months to comply or face additional daily penalties. Google has already begun rolling out changes.
As I said on the show: “This is where regulators look between the tzitziyot—searching for details to justify their existence.”
🇪🇺 EU Court Upholds U.S.-EU Data Transfer Deal
In a rare win for U.S.-EU relations, the European Court ruled that U.S. safeguards for European data transfers are adequate. The U.S. Data Protection Review Court was deemed independent enough to oversee surveillance concerns. This affirms the EU-U.S. Data Privacy Framework, giving businesses more stability after years of Schrems II chaos.
🧸 DOJ Targets Toy Maker for COPPA Violations
The DOJ is suing Apitor Technology, a small U.S. toy maker, for allowing a Chinese third party to collect children’s geolocation data via its app without parental consent. The company embedded Aurora Mobile’s SDK, which collected precise location data from thousands of kids since 2022. Apitor faces a $500K fine, though financial hardship may delay it. As I noted: this may be less about COPPA and more about pushing U.S. firms away from Chinese tech dependencies.
🇨🇿 Czech Republic Warns on China-Linked Tech Risks
The Czech Republic’s cybersecurity agency warned against reliance on Chinese-managed cloud and data-intensive technologies in critical sectors like energy, healthcare, and transportation. Officials stressed the risk of remote management and espionage, calling for coalition-built alternatives to China’s growing tech dominance.
🇺🇸 Congress Extends Federal Cybersecurity Laws
The House Homeland Security Committee voted nearly unanimously to extend two key laws:
CISA (2015) – encouraging private sector threat intel sharing.
State & Local Cybersecurity Grant Program – providing funds for resilience.
Both extensions are expected to pass before their September 30th expiration.
📱 Google Android September Patches – 111 CVEs Fixed
Google released patches for 111 CVEs across Android, including two zero-days:
CVE-2025-48543 – privilege escalation in Android runtime.
CVE-2025-38352 – race condition in Linux kernel POSIX CPU timers.
Both are suspected of being exploited in spyware campaigns. Patch all Android 13–16 devices immediately.
📶 TP-Link Wi-Fi Extenders Vulnerable (5-Year-Old Flaw)
CISA reissued a warning on CVE-2022-43663, a missing authentication flaw in TP-Link TL-WA855RE Wi-Fi extenders. Exploitation lets an attacker on the same network factory reset the device and set a new admin password. It’s a five-year-old bug, but still actively exploited—a sign of how patch maturity lags in consumer and SMB hardware.
🤖 Hex Strike AI Red-Teaming Tool Weaponized by Hackers
Check Point reports attackers are using Hex Strike AI, an AI-powered pen-testing tool, in real attacks. Originally built for red teams, it automates 150+ tools and now helps adversaries weaponize new Citrix flaws (CVE-2025-7775, -7776, -8424) within hours of disclosure. Proof again that AI tools built for defenders will always trickle down to attackers.
🛠 Sitecore Zero-Day Exploited in the Wild
Google flagged active exploitation of CVE-2025-53690, a deserialization flaw in Sitecore Experience Manager/Platform. Attackers leveraged sample machine keys left in deployment guides since 2017, deploying WeepSteel malware for internal recon, tunneling, and privilege escalation. If you’re running Sitecore pre-v9, you’re in trouble—patch now.
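Because the Sitecore intrusions hinged on machine keys copied from deployment guides, the first defensive check is whether your own web.config carries a static key rather than a unique one. The script below is an added example, not the podcast's or Sitecore's own tooling: it parses the standard ASP.NET machineKey element, flags keys that match a placeholder inventory of documented sample keys (the value here is constructed, not a real leaked key), and generates fresh replacement keys for rotation.

```python
# Added example: audit an ASP.NET web.config <machineKey> for keys copied
# from documentation, then generate replacements for rotation.
import re
import secrets
import xml.etree.ElementTree as ET

# Constructed placeholder standing in for keys you have catalogued from
# published guides; it is NOT a real leaked key, it only exercises the check.
KNOWN_SAMPLE_KEYS = {"0123456789ABCDEF" * 8}

# Constructed web.config fragment whose validationKey was "copied from a guide".
SAMPLE_WEB_CONFIG = """<configuration>
  <system.web>
    <machineKey validation="HMACSHA256" decryption="AES"
                validationKey="%s"
                decryptionKey="%s" />
  </system.web>
</configuration>""" % ("0123456789ABCDEF" * 8, "FEDCBA9876543210" * 4)

def audit_machine_key(web_config_xml: str) -> dict[str, str]:
    """Classify each key attribute: autogenerate, sample-key, static, not-hex or missing."""
    root = ET.fromstring(web_config_xml)
    mk = next(root.iter("machineKey"), None)
    if mk is None:
        return {"machineKey": "absent"}  # per-server auto keys; fine on a single node
    result = {}
    for attr in ("validationKey", "decryptionKey"):
        value = mk.get(attr, "")
        if not value:
            result[attr] = "missing"
        elif value.startswith("AutoGenerate"):
            result[attr] = "autogenerate"
        elif value.upper() in KNOWN_SAMPLE_KEYS:
            result[attr] = "sample-key"  # rotate immediately
        elif not re.fullmatch(r"[0-9A-Fa-f]+", value):
            result[attr] = "not-hex"
        else:
            result[attr] = "static"  # confirm it is unique across your inventory
    return result

def generate_machine_key() -> dict[str, str]:
    """Fresh random keys: 64 bytes for HMACSHA256 validation, 32 bytes for AES decryption."""
    return {"validation": "HMACSHA256", "validationKey": secrets.token_hex(64).upper(),
            "decryption": "AES", "decryptionKey": secrets.token_hex(32).upper()}

if __name__ == "__main__":
    print(audit_machine_key(SAMPLE_WEB_CONFIG))
    print(generate_machine_key())
```

Any "sample-key" or unexplained "static" finding should be rotated on every node of the farm at once, since all servers must share the same key for ViewState to validate.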
⚽ StreamEast Sports Piracy Network Taken Down
Authorities in Egypt, working with the Alliance for Creativity and Entertainment (ACE), arrested two men behind StreamEast, the world’s largest illegal sports streaming operation. The site had 80+ domains and 1.6B visits annually, streaming NFL, NBA, and European soccer games for free since 2018.
💼 Cato Networks Acquires AIM Security
Cato Networks announced its first acquisition: AIM Security, an AI security startup specializing in protecting GenAI applications. Highly valued in the AI security space, AIM will bolster Cato’s SASE platform. This could be the start of an AI-driven M&A trend in cybersecurity over the next 12–18 months.
🧠 James Azar’s CISO Take
Today’s show drives home two themes: compliance as a weapon and AI as a risk accelerator. Europe’s fines against Google and lawsuits against small firms like Apitor show how regulators stretch rules to justify oversight. Some of it makes sense, but some is just political maneuvering. CISOs must recognize that compliance is becoming part of the attack surface—not just a checkbox.
On the technical side, Hex Strike AI and Sitecore’s zero-day prove how fast vulnerabilities are exploited when AI is involved. Our patch management cycles are too slow for this new world. If disclosure-to-exploitation is now measured in hours, not weeks, we need automated patching pipelines and better segmentation. Otherwise, the gap between defender readiness and attacker speed will keep widening.
✅ Action Items
🔐 Review Salesforce/Drift integrations; treat them as privileged accounts.
📱 Patch Android 13–16 devices immediately for September CVEs.
📶 Replace or patch TP-Link TL-WA855RE extenders.
🤖 Audit use of AI-powered red team tools—assume adversaries have them.
🛡 Patch Sitecore instances pre-v9 and rotate machine keys.
⚽ Track piracy-site takedowns if your business ties into media/streaming.
💼 Watch AI cybersecurity M&A—supply chain impacts are coming fast.
Thank you all for tuning in. Tomorrow we'll have a summary available at cyberhubpodcast.com, and you can catch more content on our YouTube channel. Have a great weekend, have a great rest of your day, and most importantly, y'all stay cyber safe.