Amazon Explains How Its AWS Outage Took Down the Web

**Weekly Security and Privacy News Roundup: Major Outages, Cyber Attacks, and Emerging Threats**

This week in cybersecurity and privacy, a series of high-profile incidents and revelations underscored the vulnerabilities and complexities of the digital landscape. From massive cloud outages impacting global businesses, to advances in AI security, and law enforcement’s ongoing battle against cybercrime, the news highlights both the promise and peril of our increasingly interconnected world.

**Amazon Web Services Outage Reveals Internet Fragility**

On Monday, Amazon Web Services (AWS), the world’s largest cloud provider, suffered a significant outage that rippled across the internet, taking down a wide range of websites and services. According to AWS, the disruption originated from failures in the Domain System Registry within its DynamoDB service. These DNS issues cascaded into additional problems, particularly affecting the Network Load Balancer service—crucial for managing traffic across cloud infrastructure—and the launch of new EC2 Instances, which are fundamental virtual machines used by countless applications. The combined impact meant that AWS could not process new requests, leading to a backlog and making recovery complex and protracted. The entire incident spanned roughly 15 hours from detection to resolution.

The incident starkly illustrated the global dependence on “hyperscalers” like AWS. When a single provider experiences technical difficulties, the effects can extend far beyond its own infrastructure, disrupting businesses, services, and users worldwide. AWS acknowledged the seriousness of the outage and pledged to implement lessons learned to further improve availability and resilience.

**Cybercrime and Vulnerabilities: From Casinos to Critical Infrastructure**

In other legal and cybercrime news, the US Justice Department indicted individuals involved in a mob-backed gambling scheme that exploited hacked casino card shufflers to defraud victims of millions of dollars. The scam allegedly used compromised Deckmate 2 shufflers—a vulnerability previously demonstrated by WIRED—to rig games in favor of the perpetrators. This case highlights the intersection of traditional organized crime and modern hacking techniques, and its repercussions have reached as far as the NBA.

Meanwhile, cybersecurity research revealed troubling vulnerabilities in open source libraries used for software updates and backups. Researchers at Edera discovered a serious flaw in the widely adopted “async-tar” library and its forks, which could potentially lead to remote code execution by overwriting critical files. While most versions have been patched, the popular “tokio-tar” library is no longer maintained, leaving its users exposed unless they migrate to a secure alternative. The vulnerability, tracked as CVE-2025-62518, is yet another reminder of the ongoing challenge in securing open source components.

**Jaguar Land Rover Faces Record-Breaking Hack Costs**

The automotive sector was not immune to cyber threats, as new analysis suggested that the cyberattack which halted production at Jaguar Land Rover (JLR) and its supply chain for five weeks may be the most financially damaging hack in UK history. The Cyber Monitoring Centre estimated the fallout at around £1.9 billion ($
