CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

U.S. Proposed Ban on TP-Link Networking Gear

First reported
Last updated
2 unique sources, 2 articles

Summary

Hide ▲

The U.S. government is considering a ban on the sale of TP-Link networking devices due to national security concerns over the company's ties to China. TP-Link denies these allegations, maintaining it operates independently and manufactures its products in Vietnam. Texas has sued TP-Link for deceptive marketing and allowing Chinese state-backed hackers to exploit firmware vulnerabilities. The ban is supported by multiple federal agencies and follows reports of Chinese state-sponsored hacking groups exploiting vulnerabilities in TP-Link routers. The proposed ban highlights broader issues with the security of consumer-grade routers, which often ship with outdated firmware and default settings that can be easily compromised.

Timeline

  1. 09.11.2025 20:14 2 articles · 3mo ago

    U.S. Government Considers Ban on TP-Link Networking Devices

    The U.S. government is preparing to ban the sale of TP-Link networking devices due to national security concerns over the company's ties to China. TP-Link denies these allegations, stating it operates independently and manufactures its products in Vietnam. The ban is supported by multiple federal agencies and follows reports of Chinese state-sponsored hacking groups exploiting vulnerabilities in TP-Link routers. Texas has sued TP-Link for deceptive marketing and allowing Chinese state-backed hackers to exploit firmware vulnerabilities. The lawsuit claims TP-Link misled buyers by labeling its products 'Made in Vietnam' while sourcing nearly all components from China. TP-Link routers were used in a large-scale credential-theft botnet linked to password-spray attacks. Texas Attorney General Paxton seeks civil monetary penalties and injunctions requiring TP-Link to disclose Chinese origins of devices and stop collecting consumer data without informed consent. TP-Link denies allegations, stating that neither the Chinese government nor the CCP exercises control over the company or its data.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Texas Sues TV Manufacturers for Alleged Unauthorized Data Collection via ACR Technology

Texas Attorney General Ken Paxton has filed lawsuits against Sony, Samsung, LG, Hisense, and TCL Technology Group Corporation for allegedly using Automated Content Recognition (ACR) technology to secretly capture screenshots of users' viewing activity every 500 milliseconds and sell the data without consent. The suits highlight concerns about data access by Chinese companies under China's National Security Law. A Texas court initially issued a temporary restraining order (TRO) against Samsung, prohibiting the company from collecting audio and visual data from Texas consumers' smart TVs. However, the court vacated the TRO the following day, allowing Samsung to continue its data collection practices. The TRO, which was set to extend until January 19, followed allegations that Samsung's ACR enrollment practices are deceptive and violate the Texas Deceptive Trade Practices Act (DTPA). The court also noted that users are pressured into consenting to data collection through dark patterns, making it difficult to fully opt out. The lawsuits allege that the collected data is sold to third parties for ad targeting, violating users' privacy rights. This follows a similar 2017 case against Vizio, which settled for $2.2 million for similar practices.

Open in new tab

TikTok US Operations Under New Ownership to Address Security Concerns

TikTok has finalized a deal to create a new American entity, avoiding a ban in the United States. The social video platform signed agreements with major investors including Oracle, Silver Lake, and the Emirati investment firm MGX to form the new TikTok U.S. joint venture. The new version will operate under defined safeguards that protect national security through comprehensive data protections, algorithm security, content moderation, and software assurances for U.S. users. American TikTok users can continue using the same app. President Donald Trump praised the deal in a Truth Social post, thanking Chinese leader Xi Jinping specifically for working with the U.S. and approving the deal. Adam Presser, who previously worked as TikTok’s head of operations and trust and safety, will lead the new venture as its CEO. The new venture will be led by a seven-member, majority-American board of directors that includes TikTok’s CEO Shou Chew. Oracle, Silver Lake, and MGX are the three managing investors, each holding a 15% share. Other investors include the investment firm of Michael Dell, the billionaire founder of Dell Technologies. TikTok has officially formed a joint venture, TikTok USDS Joint Venture LLC, to continue operations in the U.S. under the 2025 Executive Order. The new venture, majority-owned by American investors, aims to address data privacy and security concerns by implementing comprehensive safeguards, including data protections, algorithm security, content moderation, and software assurances. ByteDance will retain a 19.9% stake. The joint venture will operate under strict cybersecurity standards, including NIST CSF, ISO 27001, and CISA requirements, and will be audited by third-party experts. This development follows regulatory pressures and a temporary ban on TikTok in the U.S. Despite these changes, cybersecurity experts caution that significant risks remain, particularly around data collection, social engineering, and algorithm transparency. The approved framework agreement involves Oracle and other American investors managing TikTok's operations and algorithm. The new entity will fully control algorithms, code, and content moderation, with US user data stored in an American-run cloud environment. Security partners will monitor software, algorithms, and data flows, and ByteDance will be excluded from the company’s security committee. TikTok's algorithms and content recommendation models will be retrained using only US-approved data, ensuring no foreign influence. The deal is part of a broader effort to mitigate risks associated with TikTok's data handling practices and its obligations to the Chinese government. Concerns over these issues have led to regulatory actions in the US and other countries, including fines and bans on government devices.

Open in new tab