Risk
-
High-severity parsing flaw in async-tar and forks could enable file overwrite and RCE
A boundary parsing flaw in async-tar and forks including tokio-tar, tracked as CVE-2025-62518 and dubbed TARmageddon, can allow nested TARs to be treated as outer entries and be used to overwrite files and enable remote code execution; users are advised to migrate to astral-tokio-tar v0.5.6.
-
TP-Link issues firmware updates for Omada gateways to fix four vulnerabilities, including two critical bugs
TP-Link released firmware updates for Omada gateway devices to fix four vulnerabilities, including two critical command injection flaws; users are advised to apply updates and verify device configurations.
-
Phishing emails offering fake jobs used to steal Facebook logins, researcher says
Sublime Security reported on Oct. 16, 2025 that a phishing campaign uses fake job offers and brand impersonation to capture Facebook login credentials, warning of deceptive URLs and counterfeit login pages.
-
Google links three new ‘ROBOT’ malware families to Russia-linked COLDRIVER
Google’s Threat Intelligence Group linked three new malware families — NOROBOT, YESROBOT and MAYBEROBOT — to the Russia-linked COLDRIVER group, describing a ClickFix-style delivery chain and ongoing rapid development aimed at evading detection. Dutch prosecutors also said three youths are suspected of providing services to a foreign government and one had contact with a Russia-affiliated…
-
China-linked Salt Typhoon exploited Citrix to target European telecom, Darktrace says
Security firm Darktrace reported that a European telecommunications organisation was targeted in July 2025 by a China-linked group known as Salt Typhoon, which exploited a Citrix NetScaler Gateway to gain access and deployed Snappybee via DLL side-loading; the activity was detected and remediated and the victim was not named.
-
China’s MSS says NSA carried out ‘premeditated’ cyber operation against national time service
China’s Ministry of State Security said in a WeChat post it uncovered ‘irrefutable evidence’ that the U.S. NSA carried out a multi-year cyber operation against the National Time Service Center, alleging credential theft, deployment of a platform with 42 tools, and attempts to disrupt timing systems; the MSS said Chinese agencies neutralized the activity.
-
Muji halts online sales in Japan after ransomware attack on logistics partner Askul
Muji took its online store offline in Japan after a ransomware attack at logistics partner Askul disrupted orders and shipping; Askul said it suspended operations while investigating possible data leakage, and Muji is notifying affected customers.
-
CISA says Windows SMB privilege-escalation bug CVE-2025-33073 is being exploited
CISA warned that threat actors are actively exploiting CVE-2025-33073, a high-severity SMB privilege-escalation bug affecting Windows Server, Windows 10 and Windows 11 up to 24H2. Microsoft patched the flaw in June 2025 and attributed discovery to multiple researchers, while CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog and set a Nov. 10 deadline…
-
Lawsuit says Deel orchestrated long-running espionage against competitor Rippling
Rippling filed a lawsuit on March 17, 2025, alleging that Deel directed a months-long corporate espionage campaign through a cultivated employee who searched Rippling systems thousands of times to capture sales, customer and recruiting information, and that top Deel executives were implicated.
-
Dutch regulator fines Experian Netherlands EUR 2.7 million for GDPR violations
The Dutch Data Protection Authority fined Experian Netherlands EUR 2.7 million for multiple GDPR violations after finding the company collected and used personal data from public and private sources without informing individuals, the regulator said.
