Entra ID Flaw, Airport Cyberattack & AI Security – 09/21/2025

Secure Your Business Now

This intelligence digest highlights a critical vulnerability in Microsoft Entra ID that could have allowed global tenant takeovers. We also cover a major cyberattack disrupting European air travel, an emerging data exfiltration risk in Notion’s new AI agents, and an active malware campaign by North Korean hackers targeting the crypto sector. These incidents underscore the persistent threats to both cloud infrastructure and critical services.

Top 4 Critical Security Alerts

  • Microsoft Entra ID flaw allowed hijacking any company’s tenant: A critical vulnerability in Microsoft Entra ID, stemming from legacy components, could have enabled attackers to gain complete control over any organization’s tenant. Read more
  • Hundreds of flights delayed at Heathrow and other airports after apparent cyberattack: A cyber incident targeting Collins Aerospace systems caused major flight delays at several key European airports, disrupting travel for thousands. Read more
  • Notion 3.0’s new AI agents can be tricked into leaking data through a malicious PDF: New AI agents in Notion 3.0 can be exploited via malicious PDFs to leak sensitive user data, posing a significant data exfiltration risk. Read more
  • DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams: North Korean threat actors are using fake job lures related to cryptocurrency to distribute BeaverTail and InvisibleFerret malware in an active campaign. Read more

Threat Intelligence

  • DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams: North Korean threat actors are using fake job lures related to cryptocurrency to distribute BeaverTail and InvisibleFerret malware in an active campaign. Read more

Security Breaches & Incidents

  • Hundreds of flights delayed at Heathrow and other airports after apparent cyberattack: A cyber incident targeting Collins Aerospace systems caused major flight delays at several key European airports, disrupting travel for thousands. Read more

Cloud & Network Security

  • Microsoft Entra ID flaw allowed hijacking any company’s tenant: A critical vulnerability in Microsoft Entra ID, stemming from legacy components, could have enabled attackers to gain complete control over any organization’s tenant. Read more

Emerging Security Technologies

  • Notion 3.0’s new AI agents can be tricked into leaking data through a malicious PDF: New AI agents in Notion 3.0 can be exploited via malicious PDFs to leak sensitive user data, posing a significant data exfiltration risk. Read more
Contact Us for a FREE Security Consultation!
Picture of Chris Armour

Chris Armour

Director of Software Engineering at Grab The Axe, leads the development of secure, scalable software solutions that drive growth and innovation. With expertise in network security, coding, and AI, he aligns technology strategies with business goals while mentoring high-performing teams. He holds a Bachelor of Science degree in Network Security from the University of Advancing Technology and is dedicated to advancing digital security and software innovation.

YOU MIGHT ALSO LIKE

Medical Institution Security

Enhancing Medical Institution Security: A Comprehensive Case Study

Financial Services Security

Enhancing Financial Services Security: A Comprehensive Case Study

The $102 Million Password: A Case Study in Converged Security at the Louvre