This Week In Cybersecurity: SalesForce, Jaguar, and "Salt Typhoon"

Share
This Week in Cybersecurity | September 5th 2025 OpenVPN
4:43

Here's what happened in the world of cybersecurity while you were at work. 

If it feels like every week brings a new headline about hackers, data leaks, or ransomware, you’re not wrong. Since Monday alone, the cybersecurity world has seen fresh breaches across multiple sectors—education, healthcare, automotive, and even national infrastructure.

 From state-sponsored espionage campaigns to ransomware gangs targeting critical industries, the message is clear: no one is off-limits.

Here’s a quick roundup of the biggest stories making waves this week.

1. “Salt Typhoon” Global Campaign

The U.S. government disclosed details of a sweeping Chinese cyber operation—codenamed Salt Typhoon—that may have breached sensitive data from nearly every American, including high-profile figures like former President Donald Trump and VP J.D. Vance. The campaign spanned over 80 countries and targeted global telecom networks and U.S. critical infrastructure, raising alarms about national security and privacy. The FBI and DOJ are ramping up legal and defensive responses, though Beijing has denied involvement.

➡️ Find out more about who's feeling salty.

2. Jaguar Land Rover Cyber Attack Disrupts Production

Jaguar Land Rover (JLR) suffered a major cyberattack affecting all UK plants—including Solihull and Halewood—resulting in halted vehicle production and significant delays. A hacker known as “Rey,” potentially linked to the Hellcat or Scattered Lapsus Hunters groups, claimed credit for a second attack within six months. The group posted internal data screenshots on Telegram. JLR has isolated IT systems and launched an investigation, with national cybersecurity agencies now involved.

➡️ Read more about the catfight here.

(Jaguar vs. Hellcat...see what we did there?)

3. Texas AG Sues PowerSchool Over Student Data Breach

Texas Attorney General Ken Paxton filed a lawsuit against EdTech provider PowerSchool regarding a December 2024 breach that exposed data of over 880,000 Texas students and teachers. The exposed information includes highly sensitive data: names, addresses, Social Security numbers, medical and disability records, special education details, and even bus stop locations. Paxton alleges the company misrepresented its security standards and failed to implement fundamental safeguards such as multi-factor authentication.

➡️ Don't mess with Texas.

4. Aspire Rural Health System Data Breach

Healthcare provider Aspire Rural Health System in Michigan announced a breach affecting approximately 138,386 individuals. The intrusion, linked to the Russian ransomware group BianLian, exposed personal, medical, insurance, and biometric data between November 2024 and January 2025. Aspire is offering affected individuals free 12-month credit monitoring and has found no reports of identity theft or fraud so far.

➡️ Definitely not HIPPA compliant.

5. Salesloft Drift Supply Chain Attack Impacts Multiple Firms

The Salesloft Drift supply-chain breach continues to spread: cybersecurity firm Zscaler confirmed exposure of customer data (emails, job titles, support cases) via compromised OAuth tokens. No files or attachments were accessed. Zscaler and other affected organizations—including Proofpoint, SpyCloud, Tanium, and Tenable—have revoked access, rotated credentials, and tightened protocol. The breach highlights third-party risk across Salesforce integrations.

➡️ Read more at itpro.com or in SecurityWeek.

6. Hospitality Sector Vulnerabilities Surging

The hospitality industry shows significant cybersecurity weaknesses, with over 14,000 publicly exposed vulnerabilities and 61.5% of cyber attacks exploiting these gaps. This trend compromises both customer trust and corporate valuation.

➡️ Read the report and strengthen your hospital's security.

7. Ongoing Router Exploits by Chinese APT Groups

Chinese advanced persistent threat (APT) groups continue targeting enterprise routers, infiltrating telecom, government, and military networks via hardware vulnerabilities.

➡️ Find out what vulnerabilities they're using


Final Takeaway

This week’s breaches underscore an uncomfortable reality: cybersecurity threats are not isolated events—they’re systemic risks spanning industries and borders. Whether it’s nation-state espionage or ransomware gangs, the attack surface keeps growing. For organizations, proactive defense, rapid detection, and strong vendor risk management are no longer optional—they’re survival strategies.

Secure your zero trust network today

Related posts from OpenVPN

Subscribe for Blog Updates