Cyber Security Headlines European airports restore services, CISA deals with GeoServer exploit, Jaguar Land Rover extends shutdown
18 snips
Sep 24, 2025 European airports faced chaos after a ransomware attack disrupted check-in systems, forcing manual processes and causing flight cancellations. A significant breach linked to an unpatched GeoServer vulnerability went undetected for weeks, raising alarms at CISA. An anonymous reporting app leaked users' personal information, while Jaguar Land Rover's production halted globally due to an attack. Additionally, a covert SIM network targeted NYC telecoms, and spear phishing campaigns aimed at European aerospace firms threaten cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
Airports Grounded By Third-Party Ransomware
- A ransomware attack on Collins Aerospace disrupted check-in systems at Heathrow, Brussels, Berlin, and Dublin, causing long lines and cancellations.
- ENISA confirmed a third-party ransomware incident while Collins said fixes were in final stages.
Patch Quickly And Monitor Continuously
- CISA urged rapid patching, continuous EDR monitoring, and stronger incident response to prevent similar breaches.
- Organizations should prioritize critical vulnerability fixes and hunt for web shells proactively.
GeoServer Flaw Enabled Long Undetected Breach
- CISA detailed an unpatched GeoServer RCE that led to a federal agency breach involving web shells and lateral movement.
- The attackers stayed undetected for three weeks, exposing gaps in patching and monitoring.