MUST READ

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

 | 

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

 | 

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

 | 

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

 | 

U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog

 | 

China-Linked Salt Typhoon breaches European Telecom via Citrix exploit

 | 

Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases

 | 

CAPI Backdoor targets Russia’s auto and e-commerce sectors

 | 

F5 breach exposes 262,000 BIG-IP systems worldwide

 | 

China finds “irrefutable evidence” of US NSA cyberattacks on time Authority

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67

 | 

Security Affairs newsletter Round 546 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Winos 4.0 hackers expand to Japan and Malaysia with new malware

 | 

From Airport chaos to cyber intrigue: Everest Gang takes credit for Collins Aerospace breach

 | 

SIMCARTEL operation: Europol takes down SIM-Box ring linked to 3,200 scams

 | 

A critical WatchGuard Fireware flaw could allow unauthenticated code execution

 | 

Prosper disclosed a data breach impacting 17.6 million accounts

 | 

Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign

 | 

PowerSchool hacker got four years in prison

 | 

Auction house Sotheby’s disclosed a July data breach

 | 

TARmageddon

Pierluigi Paganini October 22, 2025
TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A remote attacker can exploit the flaw to achieve code execution. “astral-tokio-tar is a tar archive […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

Security / October 22, 2025

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

Hacking / October 22, 2025

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

APT / October 22, 2025

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

Breaking News / October 21, 2025

U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog

Uncategorized / October 21, 2025