Amazon Details How Its AWS Outage Disrupted Internet Services

The cloud giant Amazon Web Services faced DNS resolution issues on Monday, causing widespread outages across the web. This incident highlighted the global reliance on hyperscalers like AWS and the challenges major cloud providers and their customers encounter during such failures. For more details on how the outage transpired, see below.

US Justice Department indictments in a mob-related gambling scheme sent shockwaves through the NBA on Thursday. The case involves allegations of a mob-backed group using hacked card shufflers to defraud victims of millions—an approach recently showcased by WIRED in an investigation into the hacking of Deckmate 2 card shufflers used in casinos.

We explored the shocking details of the Louvre jewelry heist and found that the US Immigration and Customs Enforcement likely did not purchase guided missile warheads as part of its procurements; this appears to be an accounting coding error.

Meanwhile, Anthropic has teamed up with the US government to create mechanisms aimed at ensuring its AI platform, Claude, doesn’t assist anyone in building a nuclear weapon. Experts have mixed opinions about the necessity and potential efficacy of this project. Additionally, new research indicates that a browser, seemingly downloaded millions of times and known as the Universe Browser, behaves like malware and is linked to Asia’s rapidly expanding cybercrime and illegal gambling networks.

And there’s more. Each week, we compile the security and privacy news we didn’t delve into ourselves. Click on the headlines for the full stories, and stay safe out there.

AWS confirmed in a “post-event summary” on Thursday that Monday’s major outage stemmed from Domain System Registry failures in its DynamoDB service. The company clarified that these issues triggered additional problems, complicating the situation further. A key factor in the meltdown was the failure of the Network Load Balancer service, crucial for managing data processing and flow across the cloud to avoid bottlenecks. Another issue involved disruptions in launching new “EC2 Instances,” the virtual machine configuration mechanism essential to AWS. The inability to initiate new instances caused strain from a backlog of requests. This combination made recovery a challenging and slow process. The entire incident took about 15 hours from detection to remediation within AWS. “We know this event impacted many customers in significant ways,” the company stated in its postmortem. “We will do everything we can to learn from this event and use it to enhance our availability further.”

The cyberattack that paralyzed production at global car manufacturer Jaguar Land Rover (JLR) and its extensive supply chain for five weeks is likely to be the most financially damaging hack in British history, according to a recent analysis. The Cyber Monitoring Centre (CMC) estimates the fallout from the attack could amount to approximately £1.9 billion ($2.5 billion). CMC researchers estimated that around 5,000 companies were affected by the hack, which forced JLR to halt manufacturing and impacted firms supplying parts as well. JLR resumed production in early October but reported a 25 percent drop in annual production following a “challenging quarter.”

ChatGPT creator OpenAI unveiled its first web browser this week—targeting Google’s prevalent Chrome browser directly. Atlas integrates OpenAI’s chatbot, allowing users to search with the LLM and have it analyze, summarize, and query web pages. However, like other AI-enabled browsers, experts and security researchers express concern over potential indirect prompt injection attacks.

These subtle, often complex, attacks conceal a set of instructions to an LLM within text or images, which the chatbot may then “read” and act upon; for example, harmful instructions could be embedded on a web page the chatbot is summarizing. Security researchers have previously illustrated how these attacks could leak confidential data.

Consistently, AI security researchers have demonstrated that Atlas can be deceived through prompt injection attacks. In one instance, independent researcher Johann Rehberger showed how the browser could switch from dark mode to light mode by interpreting instructions in a Google Document. “For this launch, we’ve conducted extensive red-teaming, employed novel model training techniques to condition the model to ignore malicious instructions, established overlapping guardrails and safety measures, and added new systems to identify and block such attacks,” OpenAI CISO Dane Stuckey communicated on X. “Nevertheless, prompt injection remains an unsolved security challenge, and adversaries will invest considerable time and resources to exploit vulnerabilities in ChatGPT agent[s].”

Researchers from the cloud security firm Edera publicly revealed findings on Tuesday regarding a significant vulnerability affecting open-source libraries used for a file archiving feature often utilized in software updates or backup creation. Named “async-tar,” numerous adapted versions of this library contain the vulnerability and have been patched through a coordinated disclosure process. The researchers stressed that one widely used library, “tokio-tar,” is no longer maintained—often referred to as “abandonware.” Consequently, there is no patch available for tokio-tar users. The vulnerability is identified as CVE-2025-62518.

“In the worst-case scenario, this vulnerability… can result in Remote Code Execution (RCE) through file overwriting attacks, such as replacing configuration files or hijacking build backends,” the researchers noted. “Our recommended remediation is to upgrade immediately to one of the patched versions or eliminate this dependency. If you rely on tokio-tar, consider migrating to an actively maintained fork like astral-tokio-tar.”

Over the past decade, hundreds of thousands of individuals have been trafficked to forced labor camps in Southeast Asia. In these camps—predominantly in Myanmar, Laos, and Cambodia—victims have been coerced into running online scams, generating billions for organized crime groups. Whenever law enforcement has cut internet access to these compounds, the criminal gangs have frequently relied on Elon Musk’s Starlink satellite system to maintain connectivity. A WIRED investigation in February uncovered thousands of phones linking to the Starlink network across eight camps near the Myanmar-Thailand border. At that time, the company did not respond to inquiries regarding the usage of its systems. This week, multiple Starlink devices were confiscated in a raid at a Myanmar compound.