TF Cybercrime Round-up: 26 September 2025

Your weekly deep dive into the latest cyber threats and regulatory responses shaping our digital world.

Tiff Staff

Cybersecurity is in the spotlight, with a week marked by deepfake abuse penalties, critical infrastructure hacks, and debates over digital identity. Across the globe, regulators, companies, and governments face escalating threats while grappling with how to balance security and privacy.

What’s Happening & Why This Matters

Australian Court Delivers Landmark Deepfake Ruling

An Australian federal court issued a landmark ruling against Anthony Rotondo, also known as Antonio, who created and distributed non-consensual deepfake pornography of prominent Australian women. Rotondo was fined $343,500, setting a powerful legal precedent for cases involving AI-generated explicit content.

The case was brought by Australia’s eSafety Commissioner, Julie Inman Grant. She stressed the psychological and emotional harm caused by image-based abuse. Even after receiving removal orders, Rotondo escalated his actions. He sent the explicit images to over 50 recipients, including media outlets and the commissioner herself.

The decision is one of the first large-scale legal actions against the global abuse of deepfake images. Authorities are sending the message that AI-fueled exploitation will face harsh legal consequences. The ruling also strengthens international discussions about how governments regulate emerging technologies and protect vulnerable individuals from AI misuse.

Cisco Firewall Breach Threatens Critical Infrastructure

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive warning companies and federal agencies about two zero-day vulnerabilities, CVE-2025-20362 and CVE-2025-20333, affecting Cisco firewalls. When combined, these flaws allow attackers to bypass security measures and gain complete control over compromised systems.

Cisco confirmed the attackers can maintain persistent access to networks even after reboots and upgrades. The vulnerability makes the breach especially dangerous for critical infrastructure sectors. The vulnerabilities are tied to the ArcaneDoor campaign, a sophisticated operation linked to state-backed hacking groups, possibly from China.

Companies must patch systems immediately and investigate for signs of compromise. This attack highlights the growing risk posed by advanced persistent threats (APTs) that target backbone technologies, including network firewalls, which are first-line defenses against cyber intrusions.

CISA’s response includes mandatory patching orders for specific federal agencies, along with heightened monitoring for organizations across various industries: energy, defense, and telecommunications.

UK Faces Digital ID Debate


In the UK, Prime Minister Keir Starmer introduced plans for digital identity cards, sparking intense debate over privacy and civil liberties. The proposal aims to modernize security and improve services. However, it raises questions about how personal data will be stored and protected, particularly as cybersecurity threats continue to grow.

Critics fear centralized systems are prime targets for hackers, similar to attacks seen on healthcare databases and government systems worldwide. Supporters argue that digital IDs are essential to prevent fraud and streamline access to services in a digital-first era.

This conversation follows increasing cybercrime activity targeting UK infrastructure and businesses, further intensifying the need for robust cybersecurity measures.

Jaguar Land Rover Data Breach

Jaguar Land Rover (JLR) experienced a serious cyberattack, exposing sensitive customer data. Hackers accessed internal systems, raising concerns about supply chain vulnerabilities in the automotive sector. While JLR has not confirmed the scope of the breach, cybersecurity experts warn that connected vehicles and IoT devices could become lucrative targets for organized crime groups.

The incident crystallizes how cybersecurity gaps in manufacturing and transportation industries create ripple effects across economies and consumer trust.


Kido Nursery Chain Breach Exposes Data of 8,000 Children

Hackers have reportedly stolen the names, addresses, and photos of 8,000 children from Kido, a multinational nursery chain with sites in London, the United States, India, and China.


The attackers claim they also possess parental contact information and sensitive safeguarding notes. As part of their extortion campaign, they have reportedly called some parents and caregivers directly, pressuring them to comply with ransom demands.

The Metropolitan Police confirmed receipt of a referral regarding the attack. Their cybercrime unit has launched an investigation, though no arrests have been made. The Information Commissioner’s Office stated Kido reported the incident and that regulators are assessing the situation.

This breach has deeply shaken parents and staff. It raises questions about how childcare providers manage and secure sensitive information. It follows recent high-profile cyberattacks, including an April hack on the Co-op, which resulted in an £80 million financial hit, and a massive breach at Jaguar Land Rover, which forced production halts across several factories.

The Kido attack illustrates how ransomware groups are now targeting institutions that serve society’s most vulnerable populations. Emotional leverage is now being used to extract payments.

Historic UK Business Collapses After Password Breach


A single weak password caused the collapse of the 158-year-old KNP Logistics Group in the UK. The Akira ransomware group exploited the lack of multi-factor authentication on one employee’s account, gaining access to the company’s systems.

The attackers encrypted all digital assets, destroyed backup systems, and demanded a £5 million ($6.7 million) ransom. Despite efforts to recover, KNP’s operations froze. Within weeks, the company shut down, leaving 700 employees jobless.

This case shows how basic security lapses can lead to catastrophic outcomes. It illustrates that cybersecurity is a leadership issue, not merely an IT function. Without top-level prioritization of digital safety, even well-established companies can fall victim to destructive ransomware campaigns.


TF Summary: What’s Next

This week’s events reflect the widening scope of cyber threats — from personal privacy violations through deepfake exploitation to massive infrastructure breaches that can disrupt entire nations. Governments are racing to implement legal frameworks. Meanwhile, companies scramble to defend against increasingly complex attacks.

Expect more aggressive enforcement actions like the Australian ruling and tighter security directives similar to CISA’s response to the Cisco exploit. Meanwhile, debates over digital identity systems will grow louder as societies weigh convenience against the risks of centralized data collection.

MY FORECAST: Within six months, governments will press for stricter cybersecurity regulations. Additionally, AI misuse remains a dominant theme in global law enforcement initiatives. Businesses that fail to prioritize security will suffer legal and reputational disasters.
