Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Cloud giant Amazon Web Services had DNS resolution issues on Monday Which led to successive outages that cut off large areas of the web. Monday’s collapse highlighted the underlying factors the world faces Accreditation On so-called hyperscalers such as AWS and The challenges major cloud providers and their customers alike face when things go wrong. See below to learn more about how the outage occurs.
The US Department of Justice’s indictments in a mob-fueled gambling scam reverberated across the NBA on Thursday. Case included Allegations that a mob-backed group was using hacked card shuffling tools to scam victims Of millions of dollars – an approach that WIRED recently showed In the investigation into the hacking of Deckmate 2 card shufflers used in casinos.
we Analyze the details of the horrific Louvre jewelery heist and The investigation found that U.S. Immigration and Customs Enforcement likely did not purchase warheads for the guided missiles As part of their purchases. It appears that the transaction was an accounting coding error.
Meanwhile, Anthropic has partnered with the US government to Developing mechanisms aimed at preventing its AI platform, Claude, from guiding someone through the construction of a nuclear weapon. However, experts have mixed reactions on whether or not this project is necessary and whether it will be successful. New research this week suggests the browser – known as the Browser Universe – appears to have been downloaded millions of times.It behaves like malware and has links to cybercrime and illegal gambling networks thriving in Asia.
And there’s more. Every week we round up security and privacy news that we haven’t covered in depth ourselves. Click on the titles to read the full stories. And stay safe out there.
AWS confirmed in a “post-event summary” on Thursday that Monday’s major outage was due to a domain system registration failure in its DynamoDB service. However, the company also explained that these issues exposed other issues as well, increasing the complexity and impact of the outage. A major component of the outage involved issues with the Network Load Balancer service, which is critical to dynamically managing the processing and flow of data across the cloud to prevent choke points. The other factor was the disruption of the launch of new “EC2 instances,” the virtual machine configuration mechanism at the heart of AWS. Without the ability to show new cases, the system was straining under the backlog of requests. All of these elements combine to make recovery a difficult and time-consuming process. The entire incident, from detection to remediation, took about 15 hours to happen within AWS. “We know that this event impacted many customers in significant ways,” the company wrote in its postmortem report. “We will do everything we can to learn from this event and use it to further improve our availability.”
Cyber attack that shut down Production at the global automotive giant Jaguar Land Rover JLR and its end-to-end five-week supply chain are likely to be the most financially costly breach in British history. A new analysis said this week. According to the Cyber Monitoring Center (CMC), the fallout from the attack is likely to be in the region of £1.9 billion ($2.5 billion). Researchers at CMC estimated that about 5,000 companies may have been affected by the hack, causing JLR to cease manufacturing, with the knock-on effect of its supply chain down the line forcing companies that supply parts to cease operations as well. JLR restored production in early October He said Its annual production fell by about 25 percent after a “challenging quarter.”
ChatGPT Maker OpenAI has released its first web browser This week — a live snapshot of Google’s dominant Chrome browser. Atlas puts OpenAI’s chatbot at the heart of the browser, with the ability to search using LLM and have it analyze, summarize, and ask questions about the web pages you’re viewing. However, as with other AI-enabled web browsers, security experts and researchers are concerned about the possibility of this happening. Indirect injection attacks.
These scammers, Almost unsolvableThe attacks involve hiding a set of instructions to a LLM student in text or an image, which the chatbot then “reads” and acts on; For example, malicious instructions could appear on a web page that the chatbot is asked to summarize. Security researchers have previously shown how to do this These attacks can lead to confidential data being leaked.
Almost like clockwork, so have AI security researchers Show how Atlas can be Deceived Via rapid injection attacks. In one case, an independent researcher Johan Ripperger Show how the browser can automatically switch itself from dark mode to light mode by reading the instructions in a Google Doc. “In this launch, we implemented extensive red teaming, implemented new model training techniques to reward the model for ignoring malicious instructions, implemented nested guardrails and safety measures, and added new systems to detect and prevent such attacks,” OpenAI CISO said. Dane Stuckey wrote on X. “However, instantaneous injection remains an unsolved border security issue, and our adversaries will spend significant time and resources finding ways to make ChatGPT agent(s) fall for these attacks.”
Researchers from cloud security company Edera publicly revealed findings Tuesday about a major vulnerability affecting open source libraries for a file archiving feature that is often used to distribute software updates or create backups. Several “forks” or modified versions of the library, known as “async-tar”, contained the vulnerability and released patches as part of a coordinated disclosure process. However, researchers confirm that one widely used library, tokio-tar, no longer exists, and is sometimes called “abandonware.” As a result, there is no patch that tokio-tar users can apply. The vulnerability is tracked as CVE-2025-62518.
“In a worst-case scenario, this vulnerability could lead to remote code execution (RCE) through file overwriting attacks, such as replacing configuration files or hijacking architecture backends,” the researchers wrote. “Our suggested remedy is to immediately upgrade to one of the patched versions or remove this dependency. If you rely on tokio-tar, consider moving to an actively maintained fork such as astral-tokio-tar.”
Over the past decade, hundreds of thousands of people They are smuggled into forced labor complexes In Southeast Asia. In these compounds – mostly in Myanmar, Laos and Cambodia – victims of human trafficking were forced to engage in online scams and… Organized crime groups steal billions.
When law enforcement agencies cut off Internet connections at complexes, criminal gangs often resort to them Elon Musk’s Starlink satellite system to stay online. In February a Wired investigation It found thousands of phones connected to the Starlink network in eight complexes centered around the Myanmar-Thailand border. The company did not respond at the time to inquiries regarding the use of its systems. This week, several Starlink devices were confiscated in the area Complex raid in Myanmar.