Vendors
-
TP-Link issues firmware updates for Omada gateways to fix four vulnerabilities, including two critical bugs
TP-Link released firmware updates for Omada gateway devices to fix four vulnerabilities, including two critical command injection flaws; users are advised to apply updates and verify device configurations.
-
Researchers Exploit 34 Zero‑Days on Opening Day of Pwn2Own Ireland 2025
On the opening day of Pwn2Own Ireland 2025 researchers exploited 34 zero‑day vulnerabilities and won $522,500 in prizes; Team DDOS earned $100,000 for chaining multiple flaws to compromise a QNAP router and NAS, and the Summoning Team led the leaderboard after day one.
-
DNS0.EU public DNS service discontinues operations over sustainability issues
The France-based non-profit DNS0.EU has discontinued its public DNS resolver, citing lack of sustainability in time and resources; the team recommended alternatives including DNS4EU and NextDNS.
-
Muji halts online sales in Japan after ransomware attack on logistics partner Askul
Muji took its online store offline in Japan after a ransomware attack at logistics partner Askul disrupted orders and shipping; Askul said it suspended operations while investigating possible data leakage, and Muji is notifying affected customers.
-
Researchers find 131 Chrome extensions cloned to automate WhatsApp spam in Brazil
Researchers say 131 rebranded Chrome extensions, sharing a common codebase, were used to automate bulk WhatsApp Web messaging aimed at Brazilian users, a campaign that appears designed to evade platform anti-spam controls and contravene Chrome Web Store rules.
-
Lawsuit says Deel orchestrated long-running espionage against competitor Rippling
Rippling filed a lawsuit on March 17, 2025, alleging that Deel directed a months-long corporate espionage campaign through a cultivated employee who searched Rippling systems thousands of times to capture sales, customer and recruiting information, and that top Deel executives were implicated.
-
Dutch regulator fines Experian Netherlands EUR 2.7 million for GDPR violations
The Dutch Data Protection Authority fined Experian Netherlands EUR 2.7 million for multiple GDPR violations after finding the company collected and used personal data from public and private sources without informing individuals, the regulator said.
-
AWS outage disrupts Amazon, Prime Video, Fortnite, Perplexity and more
An AWS outage has caused widespread service disruptions across multiple regions, affecting Amazon, Prime Video, Fortnite, Perplexity, Canva and others, with AWS reporting increased error rates and work underway to mitigate the issue.
-
Researchers disclose critical WatchGuard Fireware IKEv2 vulnerability allowing unauthenticated code execution
Researchers and vendor advisories describe a critical out‑of‑bounds write in WatchGuard Fireware’s IKEv2 handling that can be exploited pre‑authentication to achieve remote code execution; patches are available.
-
Microsoft revokes more than 200 certificates used in fake Teams ransomware campaign
Microsoft said it revoked over 200 code signing certificates used by a group tracked as Vanilla Tempest to sign fake Microsoft Teams installers that delivered the Oyster backdoor and Rhysida ransomware; the company said it detected the activity in late September 2025 and has updated protections to flag the malicious signatures.
