< ciso
brief />
Tag Banner

All news with #research tag

264 articles

Search for Clean Residential Proxies in Carding

🔍 Flare researchers examined nearly 2,900 underground posts to map how carders assess residential proxies and build fraud-ready digital identities. The analysis shows proxies are judged by reputation and history rather than just being residential, and are commonly paired with antidetect browsers, device fingerprints, and billing consistency. Providers’ restrictions and takedowns have pushed demand for “finance-compatible” IPs and increased operational complexity for attackers.
read more →

Alan Turing’s World War II Voice Encryption Revealed

📜 Newly surfaced wartime papers, sold as the “Bayley papers” in November 2023, reveal details of Alan Turing’s top-secret 1943–1945 voice-encryption project called Delilah. The cache includes handwritten notes by Turing and annotations by his assistant Bayley, who preserved the documents until his death in 2020. The material outlines a portable system for encrypting speech and provides rare engineering insight into Turing’s wartime cryptologic work.
read more →

PhantomEnigma Abuses Brazilian Government Sites

🛡️ ANY.RUN uncovered an active PhantomEnigma campaign that hijacked over 20 Brazilian government websites to deliver malware. The operation used authenticated emails, compromised mailboxes, and trusted .gov.br hosts to redirect victims to malicious installers and a modular index.js backdoor. Researchers linked hundreds of sandbox sessions to reveal the campaign’s infrastructure, delivery chains, and detection guidance.
read more →

Agent Data Injection: New AI attack class exposed

🛡️ Researchers describe a new class of attacks called agent data injection (ADI), where attackers plant forged trusted fields—like a sender name or button ID—so an AI agent acts on corrupted facts while continuing its assigned task. The method exploits how agents parse punctuation-delimited fields, letting attackers slip fake structure past prompt-injection defenses. The team built working proofs against multiple web and coding assistants and found mixed mitigation results from random IDs and provenance tracking.
read more →

Display Pixels That Also Capture Light

🖥️Researchers at ETH Zurich have developed a new ‘Fourier pixel’ that can both display and sense light simultaneously. The pixel manipulates intensity, phase, and polarization to generate and detect arbitrary light fields, effectively combining screen and camera functionality. The team published their results in Nature, highlighting the pixel’s ability to tap a display element’s full information capacity. This advance raises privacy and surveillance concerns reminiscent of fictional telescreens.
read more →

Study Reveals Browser Wallets Enable Cross‑Site Tracking

🔎 Researchers at KU Leuven analyzed 85 popular browser-based crypto wallet extensions and found systemic privacy leaks that can link and de-anonymize users. The wallets reveal addresses in clear text to external servers, announce installed wallets to sites, and often fail to revoke access on logout. These behaviors allow separate addresses to be correlated, stale permissions to persist across sessions, and authorized wallets to expose addresses inside embedded frames, enabling cross-site tracking and potential deanonymization.
read more →

Malicious Python Packages and Supply Chain Risks

🐍 This report examines how the convenience and popularity of Python have attracted supply chain abuse, showing how malicious packages can execute code during installation and persist via .pth files or sitecustomize hooks. It outlines the installation layers (hosting, installation, environment), distribution formats (sdist, wheel), and common abuse techniques, emphasizing the rapid impact of compromised packages on development and enterprise assets.
read more →

Microsoft Secure Future Initiative July 2026 Report

🔒 This progress report outlines Microsoft’s Secure Future Initiative (SFI) two-year effort to strengthen security foundations, apply AI for proactive defense, and prepare for future challenges such as post-quantum risks. It highlights layered controls—identity, access governance, segmentation, and secure engineering defaults—paired with cultural and governance measures to make protections durable. The report also shares lessons, practical guidance, and metrics of organizational adoption.
read more →

Measuring agent capability with graded difficulty

🔎 This article from Google Data Cloud explores a rigorous, information‑theoretic approach to evaluating AI data agents by converting binary pass/fail tests into graded difficulty sweeps. The team introduces Discovery Bench and iterative surprisal-based query refinement (iSQR) to generate low/medium/high ambiguity variations of queries, quantify surprisal, and map where agents succeed or fail. The piece highlights how this method reveals cliffs and sweet spots in agent behavior and calls for auditing benchmarks themselves to avoid misleading conclusions.
read more →

Laser fault resets Tangem crypto wallet PINs

🔬 Researchers at Ledger's Donjon team demonstrated that a precisely timed laser pulse aimed at the secure element inside a Tangem card can force the device to accept a new password without the old one. The invasive attack requires cutting the card open and a sophisticated lab setup costing roughly $250,000, so it cannot be done remotely or without obvious physical damage. Tangem cannot patch affected cards because their firmware is non-updatable, so the flaw is permanent; owners of lost or stolen cards holding significant value should move funds immediately.
read more →

Study: Many Free Android VPNs Fail Basic Security

🔎 Researchers tested 281 popular free Android VPN apps using a new framework and found widespread, basic security failures. The study, using MVPNalyzer, identified traffic leaks, plaintext transmissions, weak encryption, and apps that reveal identifying data to trackers. Those flagged have over 2.4 billion installs combined, and several apps enable tunnel hijacking by fetching configuration files in the clear. The paper and appendix list affected apps and the team plans to release the tool for broader use.
read more →

Rise of Malicious AI Agents Threatens Organizations

🤖 ESET analysis shows cybercriminals increasingly use AI agents and chatbots to autonomously plan and execute attacks. Researchers reviewed 900,000 AI skills in public repositories and found tens of thousands of suspicious and thousands of malicious toolsets, expanding the attack surface. These agentic tools can exfiltrate data, execute malware, override instructions, and be repurposed from legitimate utilities into harmful capabilities. ESET urges organizations to enforce policies and caution users about downloading free tools from untrusted sources.
read more →

TrojPix: High‑Speed Air‑Gap Data Exfiltration

🖥️ Researchers at Shandong University demonstrated TrojPix, a novel covert channel that modulates otherwise imperceptible on-screen pixels so the video cable emits a faint radio signal a nearby receiver can decode. The technique requires only user-level malware that can draw to the screen and achieved a peak throughput of 8.1 Mbps and a laboratory range reported up to 208 meters. TrojPix works without hardware changes, can hide transmissions under normal-looking content or a fake powered-off display, and was tested across multiple monitor brands and cable types.
read more →

Researcher Publishes Mass Open-Source Exploit Dump

🔍 A pseudonymous researcher published an 'Exploitarium' GitHub repository containing over 30 proof-of-concept exploits for zero-day vulnerabilities in many open-source projects without prior vendor notification. The dump, shared from June 27 onwards, targets projects like libssh2, FFmpeg, 7-Zip, Gitea, PHP and others, and the author claims AI-assisted fuzzing using OpenAI models. The release bypassed coordinated vulnerability disclosure, drew debate across the security community, and has led to some CVEs and patches, while others remain under review.
read more →

Phantom Squatting: LLMs Enabling Web Domain Attacks

🛡️ Unit 42 found that large language models (LLMs) commonly hallucinate plausible web domains for real brands, and adversaries are registering these nonexistent domains to intercept AI-generated traffic. This phenomenon, called phantom squatting, poses a supply chain risk and was observed across multiple sectors. Researchers predicted adversary registrations 18–51 days in advance and discovered over 13,229 malicious URLs plus ~250,000 unregistered hallucinated domains.
read more →

Microsoft Warns of Poisoned MCP Tool Risk

🛡️ New Microsoft research shows attackers can hijack AI agents by poisoning a tool's description so the agent quietly exfiltrates company data. The attack leverages MCP tool descriptions—plain text that agents read—to inject hidden instructions, allowing malicious actions without obvious rule violations. Microsoft recommends treating tool descriptions as system prompts, restricting approved tools, enforcing human approval for risky actions, and monitoring agent identities and behavior.
read more →

Researchers Find RSA Keys Containing Large Zero Blocks

🔍 New research identifies a class of weak RSA keys characterized by extensive zeroed blocks in the modulus. The open-source badkeys project collected large-scale key material from CT logs, TLS/SSH scans, and PGP repositories and found multiple real-world keys exhibiting two distinct sparse patterns. Pattern 1 appeared in certificates (now expired) from major organizations and devices, while Pattern 2 appeared in SSH hosts using CompleteFTP; affected versions and time ranges are noted. The findings highlight independent cryptographic implementations failing in similar ways and raise concerns about deliberate backdoors or coordinated vulnerabilities.
read more →

Deep dive into BigQuery AI.AGG() function preview

🧭 This post introduces the preview of BigQuery's new AI.AGG() function, which enables natural-language aggregation over millions of rows of unstructured and multimodal data directly inside SQL. It explains practical uses—analyzing logs, discovering product categories, and summarizing image collections—while showing how AI.AGG() batches inputs, handles NULLs, reports errors, and integrates with other BigQuery AI functions like AI.CLASSIFY(). The write-up outlines best practices for token usage, model endpoint selection, and struct handling to help users deploy AI.AGG() effectively.
read more →

Study Finds Decline in Trust for AI Vulnerability Scanning

🛡️ The Cobalt State of Pentesting Report 2026 surveyed roughly 450 cybersecurity professionals across 2025 and 2026 and found trust in fully automated AI vulnerability testing has dropped sharply. Reliance on AI-only testing fell from 29% to 9%, while 47% now prefer a hybrid human-plus-AI model. Respondents reported that 78% of fully automated scanners missed critical vulnerabilities, and AI/LLM issues showed longer MTTR and lower fix rates.
read more →

Prompt Injection as Role Confusion in LLMs

📝 This post highlights a new paper that demonstrates how large language models are vulnerable to prompt injection because they learn to distinguish instruction blocks by style rather than explicit tags. The authors argue that role tags became a de facto security architecture but do not map cleanly into model representations, producing persistent role confusion. The paper warns that without genuine role perception, defenses will be reactive and brittle, and calls for deeper study of roles within the LLM stack.
read more →