All news with #research tag

🔍 Kaspersky analyzed public Wi‑Fi across Mexico City, Guadalajara, and Monterrey ahead of the 2026 World Cup. The team wardrove to log 84,500 signals and 69,500 unique SSIDs, finding about 82% use WPA2/WPA3 but over 10% are unsecured. WPS was enabled on roughly 45% of access points, often even when WPA2/WPA3 was in use, increasing attack risk. The report also warns of other travel threats like malicious QR codes, public USB chargers, NFC/Bluetooth exploits, and evil‑twin networks. Kaspersky recommends using cellular data or an eSIM and a VPN to stay safe when connecting to public networks.

🧭 At Infosecurity Europe 2026, OWASP will unveil the Agentic Research Council to better align fast‑moving agentic AI capabilities with security research and operational practice. Launched from the GenAI Security Project’s Agentic Security Initiative, the council will prioritize a public research pipeline, convene working groups and connect academic outputs to deployable mitigations. The initiative aims to accelerate runtime‑focused defenses against multi‑agent threats.

🔬 Researchers at ETH Zurich report creating a device that generates provably perfect random numbers using two superconducting qubits, a 30-meter microwave guide, and specialized software. The setup leverages quantum entanglement and an amplification algorithm to remove bias common in classical and many quantum sources. The team says the output can be certified and could serve cryptographic key generation or public randomness services.

📡 Researchers show WiFi signals can reveal people and environments by analyzing how radio waves reflect, scatter, and absorb compared with expected patterns. WiFi sensing uses these variations to infer spatial structure and presence, effectively creating an image of surroundings and occupants. Thorsten Strufe of KIT explains it functions like a camera, but with radio waves instead of light, enabling recognition through signal propagation analysis.

🔬 At Google, A/B experimentation extends beyond UI tweaks to critical infrastructure components like kernels, memory allocators, and schedulers. They run machine-level experiments on representative 1% subsets of the fleet to avoid selection bias and capture system-wide effects across colocated workloads. The framework enforces binary hermeticity and a strict two-step rollout so experiments can be activated and rolled back safely. Performance is assessed using application-defined productivity metrics, machine counters, and reliability signals.

🔍 Researchers from Xidian University describe a new image-based prompt injection called CrossMPI that uses near-imperceptible pixel perturbations to alter how large vision-language models interpret both visual and textual inputs. The technique targets intermediate multimodal fusion layers rather than final outputs, misleading LVLMs without modifying text prompts. Tests show strong black-box transferability and high success rates across several open-source models, while common defenses reduce but do not fully eliminate the threat.

🔒 On day one of Pwn2Own Berlin 2026 researchers earned $523,000 exploiting 24 unique zero-days, led by Orange Tsai, who collected $175,000 after chaining four logic flaws to escape the Microsoft Edge sandbox. Windows 11 was rooted three times for new privilege-escalation bugs, and Valentina Palmiotti secured payouts for Red Hat Workstations and an NVIDIA Container Toolkit flaw. The event focuses on enterprise and AI-targeted technologies.

🔧 At Cloudflare we encountered severe query slowdowns after changing partitioning for a large ClickHouse table to support per-namespace retention; the migration aimed to enable tenant-specific TTLs without thousands of tables. Usual metrics (I/O, memory, rows scanned, parts read) looked normal, but flame graphs exposed heavy lock contention in query planning and costly copies of a giant parts vector. We implemented shared locks, a shared cached parts view, and a binary-search-based prune on the partition key to avoid linear scans. These patches dramatically reduced SELECT latency and were contributed upstream.

🔍 In a RSA 2025 conversation, Allie Mellen, author of Code War, frames modern cyber conflict through historical doctrine, showing how nations' distinct strategies shape attacks and espionage. She cautions that attribution based solely on technical signals is insufficient because actors can forge signatures and deploy false flags, so motive and context matter. Mellen warns that AI will make attacks faster and more adaptive, and urges defenders to strengthen fundamentals and adopt automation and AI on the defensive side.

🔍 In this Humans of Talos interview, Senior Vulnerability Researcher Philippe Laulheret explains how his lifelong curiosity and Capture The Flag experience led him from French engineering school to a career in ethical hacking. He describes selecting research targets, reverse engineering techniques, and memorable tests—like bypassing a fingerprint reader with a green onion—to find flaws before adversaries exploit them. Philippe also contrasts the methodical reality of research with movie portrayals and outlines his path through industry roles to Talos.

🔷 Google presents a cluster-level reliability framework for TPU superpods that treats thousands of chips as collective units rather than independent instances. The framework replaces instance-level MTBF thinking with a probabilistic, topology-aware model (binomial distribution) to guarantee contiguous healthy cubes for massive training runs. Using Ironwood, Google shows a 95% confidence block of 130/144 cubes—an 8,320-chip domain—while allowing remaining capacity for heterogeneous workloads. Combined with framework resilience and multi-tier checkpointing, this model is engineered to maximize scheduling goodput for hero jobs.

📌 At Cosmos Conf 2026 Microsoft outlined how AI is transforming application and database design, arguing data platforms must become systems of reasoning that handle prompts, memory, and evolving context. Leaders from OpenAI, Vercel, and Walmart stressed the need for serverless instant scalability, integrated caching, low-latency global distribution, and developer cost visibility. Demos and customer stories highlighted patterns like vector search, change feed, and role-based governance to deliver real-world, low-latency AI experiences.

🔍 The Google Threat Intelligence Group (GTIG) reported the first confirmed instance of an AI-crafted zero-day exploit observed in the wild. The researchers identified a Python-based exploit that bypasses two-factor authentication in an open-source web administration tool and disclosed the flaw to the vendor to limit mass exploitation. GTIG found artifacts in the code—help text, a hallucinated CVSS score and textbook LLM-style constructs—consistent with large language model generation, and noted broader AI abuse by threat actors including misuse of Gemini and agentic tooling.

📄 Schneier surveys simple steganographic tricks—white-on-white text, phonological misspellings, and special fonts—and finds them increasingly ineffective. He notes that even modest 4-billion-parameter models can decode phonologically altered sentences, undermining tokenization-based obfuscation strategies. The post revisits TEMPEST/EmSec concerns, observing that inexpensive software-defined radios and toolkits like GNU Radio have expanded adversary capabilities beyond older Soft Tempest countermeasures. Schneier highlights demos such as Tempest for Eliza and TempestSDR as practical illustrations of ongoing risks.

🔒 A Forrester-commissioned report for Capital One Software finds 72% of security professionals say data security is more critical than ever, yet investments in legacy network and perimeter tools are impeding adequate protection. The research, conducted in February 2026, highlights siloed solutions, limited vulnerability visibility and reduced AI readiness. Respondents report heavy use of network security (70%), IAM (65%) and vulnerability management (60%), while two-thirds do not use tokenization, an underused control the study singles out to reduce risk and enable safer data use.

🔒 Kaspersky analyzed 231 million unique passwords leaked on dark‑web forums (2023–2026) and found that 60% can be cracked in under an hour, with 48% broken in less than a minute. The testing used a single RTX 5090 GPU against MD5 hashes, illustrating how rapidly cracking speeds are improving. The report identifies common human patterns—digits, years, predictable words and popular special characters—and warns that many users reuse unchanged passwords for years. It recommends practical defenses such as a password manager, passkeys, and strong two‑factor authentication.

🔒 Ten years after the EU adopted the General Data Protection Regulation (GDPR), experts say it fundamentally reshaped corporate privacy culture but left important gaps. Analysts credit the GDPR with embedding privacy into daily operations, raising standards, and creating accountability by forcing organizations to know and document their processing. Yet enforcement inconsistencies, international transfer disputes, widespread consent fatigue and the rise of generative AI expose legal and practical tensions that require clarification and coordination with newer digital rules.

🏥 A new RunSafe Security index found that 24% of healthcare organizations experienced cyber-attacks affecting medical devices in the past year, with 80% of those incidents causing moderate or significant patient impact, from delayed imaging to interruptions in critical care. The survey of 551 professionals across the US, UK and Germany shows growing integration of security into procurement—82% deploying runtime exploit protection and 84% including cyber requirements in vendor RFPs—yet legacy devices remain a major exposure.

🔓Recent analysis has decoded a medieval encrypted letter originally sent by a Spanish diplomat, resolving a puzzle scholars have pursued since the document was rediscovered in 1860. The successful decryption reveals new primary material about diplomatic language and secrecy practices in the period. The result highlights how combining historical scholarship with modern analytical techniques can unlock long-standing mysteries.

🔎 SentinelOne researchers have disclosed fast16, a Lua-based cyber‑sabotage framework compiled in 2005 that predates Stuxnet. The implant embeds a Lua 5.0 VM and encrypted bytecode inside a carrier binary svcmgmt.exe and pairs with a kernel driver that patches executables to corrupt high‑precision calculations. fast16 targets legacy Windows 2000/XP environments and engineering simulation tools, and its discovery revises the timeline of state-backed cyber sabotage.