Amazon explains how an AWS outage disrupted the web

✨ Explore this must-read post from WIRED 📖


Cloud giant Amazon Web Services experienced DNS resolution issues on Monday, leading to cascading outages that took down wide swaths of the web. Monday’s collapse highlighted the world’s critical reliance on so-called hyperscalers like AWS and the challenges that big cloud providers and their customers alike face when things go wrong. See below to learn more about how the outage occurred.

The US Department of Justice’s indictments in a mob-fueled gambling scam reverberated across the NBA on Thursday. The case involves allegations that a mob-backed group was using hacked card shufflers to scam victims out of millions of dollars — an approach recently demonstrated by WIRED in investigating the hack of Deckmate 2 card shufflers used in casinos.

We analyzed the details of the horrific Louvre jewelry heist and found in an investigation that US Immigration and Customs Enforcement likely did not purchase guided missile warheads as part of its procurements. The transaction appears to have been an accounting coding error.

Meanwhile, Anthropic has partnered with the US government to develop mechanisms aimed at preventing its AI platform, Claude, from guiding someone through the construction of a nuclear weapon. However, experts have mixed reactions on whether or not this project is necessary and whether it will be successful. New research this week suggests that a browser that appears to have been downloaded millions of times – known as Universe Browser – behaves like malware and has links to cybercrime and illegal gambling networks thriving in Asia.

And there’s more. Every week we round up security and privacy news that we haven’t covered in depth ourselves. Click on the titles to read the full stories. And stay safe out there.

AWS confirmed in a “post-event summary” on Thursday that Monday’s major outage was due to a Domain Name System (DNS) registry failure in its DynamoDB service. However, the company also explained that these issues exposed other problems as well, increasing the complexity and impact of the outage. A major component of the outage involved issues with the Network Load Balancer service, which is critical to dynamically managing the processing and flow of data across the cloud to prevent choke points. The other factor was the disruption of the launch of new “EC2 instances,” the virtual machine configuration mechanism at the heart of AWS. Without the ability to launch new instances, the system was straining under the backlog of requests. All of these elements combined to make recovery a difficult and time-consuming process. The entire incident, from detection to remediation, took about 15 hours to play out within AWS. “We know that this event impacted many customers in significant ways,” the company wrote in its postmortem report. “We will do everything we can to learn from this event and use it to further improve our availability.”

The cyberattack that halted production at global car giant Jaguar Land Rover (JLR) and across its supply chain for five weeks is likely to be the most financially costly hack in British history, a new analysis said this week. According to the Cyber Monitoring Center (CMC), the fallout from the attack is likely to be in the region of £1.9 billion ($2.5 billion). Researchers at CMC estimated that about 5,000 companies may have been affected by the hack, which caused JLR to cease manufacturing, with the knock-on effect down its supply chain forcing companies that supply parts to cease operations as well. Jaguar Land Rover restored production in early October and said its annual production was down about 25 percent after a “challenging quarter.”

OpenAI, the maker of ChatGPT, released its first web browser this week, a direct shot at Google’s dominant Chrome browser. Atlas puts OpenAI’s chatbot at the heart of the browser, with the ability to search using the LLM and have it analyze, summarize, and answer questions about the web pages you’re viewing. However, as with other AI-enabled web browsers, security experts and researchers are concerned about the potential for indirect prompt injection attacks.

These deceptive attacks, which are almost undetectable, involve hiding a set of instructions for the LLM in text or an image that the chatbot will then “read” and act upon; for example, malicious instructions could appear on a web page that the chatbot is asked to summarize. Security researchers have previously demonstrated how these attacks can lead to the leaking of confidential data.

Just like clockwork, AI security researchers have shown how Atlas can be fooled through prompt injection attacks. In one case, independent researcher Johann Rehberger showed how the browser could automatically switch itself from dark mode to light mode by reading instructions in a Google document. “In this launch, we red-teamed an extensive range, implemented new model training techniques to reward the model for ignoring malicious instructions, implemented nested guardrails and safety measures, and added new systems to detect and prevent such attacks,” Dane Stuckey, chief information security officer at OpenAI, wrote on X. “You fall victim to these attacks.”

Researchers from cloud security company Edera publicly revealed findings Tuesday about a major vulnerability affecting open source libraries for a file archiving feature that is often used to distribute software updates or create backups. Several “forks,” or modified versions, of the library, known as “async-tar,” contained the vulnerability and have released patches as part of a coordinated disclosure process. However, the researchers point out that one widely used library, tokio-tar, is no longer maintained, a state sometimes called “abandonware.” As a result, there is no patch that tokio-tar users can apply. The vulnerability is tracked as CVE-2025-62518.

“In a worst-case scenario, this vulnerability could lead to remote code execution (RCE) through file overwriting attacks, such as replacing configuration files or hijacking architecture backends,” the researchers wrote. “Our suggested remedy is to immediately upgrade to one of the patched versions or remove this dependency. If you rely on tokio-tar, consider moving to an actively maintained fork such as astral-tokio-tar.”

Over the past decade, hundreds of thousands of people have been trafficked into forced labor complexes in Southeast Asia. In these compounds – mostly in Myanmar, Laos and Cambodia – victims of human trafficking were forced to carry out online scams and steal billions for organized crime groups.

When law enforcement agencies cut off Internet connections at complexes, criminal gangs often turn to Elon Musk’s Starlink satellite system to stay online. In February, a WIRED investigation found thousands of phones connected to the Starlink network in eight complexes centered around the Myanmar-Thailand border. The company did not respond at the time to inquiries regarding the use of its systems. This week, several Starlink devices were seized in a raid on a compound in Myanmar.


🕒 Posted on 1761422053
