CISO Brief

All news with #research tag

227 articles · page 2 of 12

Researchers Demonstrate Fiber-Optic Eavesdropping Limits

🔍 Researchers from three Hong Kong universities demonstrated a method to extract acoustic information from fiber-optic cables by measuring vibration-induced changes in the optical signal. Their experiments showed that strong vibrations such as footsteps can be detected remotely, but clear human speech was not recoverable without a local audio-to-vibration converter or significant control over provider equipment. The attack relies on sending optical pulses and measuring Rayleigh scattering-related deviations, and while technically feasible, it remains an unlikely and costly targeted threat requiring access to the Optical Distribution Network or an implanted converter to amplify audio signals.

Indirect Prompt Injection: Current Web Threats and Trends

🔎 Google Threat Intelligence scanned a large Common Crawl corpus to detect indirect prompt injection (IPI) patterns embedded in public web pages. The team combined signature-based pattern matching, Gemini-assisted classification, and manual review to reduce false positives and contextualize findings. Most observed injections were low-sophistication—pranks, benign guidance, or SEO-driven prompts—but a smaller and rising set attempted data exfiltration or destructive actions. The study excludes social media and login-protected content and reports a 32% increase in malicious samples between Nov 2025 and Feb 2026.

Claude Mythos Finds 271 Firefox Flaws, Shifts Security

🔍 Claude Mythos Preview uncovered 271 security flaws in Firefox 148, all addressed in Firefox 150, prompting claims that the model can match human researchers in vulnerability discovery. Mozilla and security experts say Mythos closed significant gaps left by fuzzing and automation, though Anthropic is investigating reported unauthorized access to the model. Teams are urged to adopt continuous AI-assisted testing and treat models as privileged infrastructure.

AirSnitch: Breaking Client Isolation in Enterprise Wi‑Fi

📶 AirSnitch demonstrates techniques that subvert enterprise Wi‑Fi protections by exploiting interactions between encryption, switching and routing. The research shows how attackers can bypass WPA2 and WPA3‑Enterprise client isolation to intercept and inject traffic across access points. It details primitives like Port Stealing, Gateway Bouncing and Broadcast Reflection and provides practical mitigations for networks and endpoints.

ProxySmart Platform Found Powering 90+ SIM Farms Globally

🔎 Researchers at Infrawatch have identified a Belarus-associated platform, ProxySmart, linked to 87 control panels across 17 countries and 94 phone farm locations. The turnkey software provides device management, automated IP rotation, customer provisioning and anti-bot measures, enabling what researchers describe as SIM Farm as a Service. ProxySmart orchestrates both physical smartphones and USB 4G/5G modems, supports multiple proxy protocols, and includes OS fingerprint spoofing, significantly lowering the technical barrier for large-scale mobile proxy operations.

Unchecked AI Agents Drive Widespread Enterprise Incidents

⚠️ Research from the Cloud Security Alliance (CSA) and Token Security warns that unchecked AI agents have caused widespread cybersecurity incidents across enterprises in the past year. The report finds many organizations overestimate agent visibility — 68% claim high visibility while 82% discovered unknown agents — leading to data exposure, operational disruption and financial losses. It highlights weak lifecycle governance, particularly around decommissioning, and calls for unified controls across discovery, policy, monitoring and decommissioning.

No Exploit Needed: Identity-Based Attacks Remain Top Threat

🔐 Attackers increasingly rely on stolen credentials—via credential stuffing, password spraying and phishing—to gain immediate, low-noise access. Legitimate logins often evade detection, allowing adversaries to dump additional passwords, move laterally, and persist. The author warns that AI is accelerating these techniques and advocates a DAIR (Dynamic Approach to Incident Response) loop, plus clear communication and hands-on training to contain and remediate identity-based intrusions.

Claude Mythos scrutiny: Project Glasswing's true impact

🔍 Anthropic's Claude Mythos — developed under Project Glasswing and currently trialed by select organizations — faces scrutiny after VulnCheck's analysis found limited publicly attributable results. The team identified 75 CVE entries mentioning Anthropic, 40 credited to its researchers, but only one explicitly tied to Glasswing (CVE-2026-4747), with several additional findings embargoed. Anthropic has signaled more transparency in July 2026. Security experts caution that Mythos' reported exploit success rates could still accelerate attacker capabilities and outpace corporate change controls.

Glasswing’s Public Record: Just One Confirmed CVE Now

🔍 VulnCheck's analysis indicates Anthropic's controlled-access Project Glasswing has only one publicly attributable CVE: CVE-2026-4747, a FreeBSD NFS remote code execution flaw described as autonomously identified and exploited. Researcher Patrick Garrity reviewed the CVE database and found 75 records mentioning Anthropic, but only 40 credited to its researchers and a single CVE tied explicitly to Glasswing. Industry observers warn that public attribution may understate the model's potential, and Anthropic plans a fuller accounting by July 2026.

Human Expectations of LLM Rationality in Strategic Games

🤖 A new laboratory experiment examines how humans respond when pitted against LLMs in a multi-player p-beauty contest versus other humans. Using a within-subject, monetarily-incentivised design, the study finds participants choose significantly lower numbers when playing against LLMs, with a marked increase in selections of the zero Nash-equilibrium. The effect concentrates among participants with strong strategic-reasoning ability, who report perceived AI reasoning and an unexpected expectation of cooperation as motivating factors.

How Cybercriminals Are Thinking About AI Use and Tools

🧠 A new paper, What hackers talk about when they talk about AI, analyzes more than 160 cybercrime forum conversations collected over seven months to show how offenders perceive and experiment with AI. The study finds growing curiosity about using both legitimate AI services and bespoke illicit models, alongside clear doubts about reliability, cost, and operational security. Authors use a diffusion-of-innovation framework to trace early-stage adoption and offer practical guidance for law enforcement and policymakers.

OX Security: Critical Risk Spike in AI-Driven Development

🔍 OX Security analyzed 216 million security findings from 250 organizations over a 90‑day period and found that while raw alert volume rose 52% year‑over‑year, prioritized critical risk increased nearly 400%. The ratio of critical findings to alerts nearly tripled, from 0.035% to 0.092%. The report links the surge to AI-assisted development and stresses that business context now often outweighs traditional technical severity.

Analysis: CISA KEV Data Reveals Limits of Human Security

🔍 Analysis of more than one billion CISA KEV remediation records across 10,000 organizations over four years shows defensive operations have hit a human ceiling. Time-to-Exploit averages negative seven days while vulnerability volume rose 6.5× since 2022. Qualys identifies a Manual Tax and recommends shifting to autonomous, closed-loop Risk Operations Centers that measure Risk Mass rather than raw CVE counts.

Are $30,000 AI GPUs Better at Cracking Passwords Today?

🔒 Specops compared two flagship AI accelerators, the Nvidia H200 and AMD MI300X, against the consumer RTX 5090 using Hashcat benchmarks for MD5, NTLM, bcrypt, SHA-256 and SHA-512. The RTX 5090 outperformed both AI GPUs across all tested algorithms, often by wide margins, meaning the expensive AI hardware does not translate to superior password-cracking performance. Price-to-performance was stark: the H200 costs at least ten times an RTX 5090 yet delivers lower hash rates. The practical risk remains weak or reused credentials; long passphrases, breached-password detection, and MFA are the recommended mitigations.

Automated Magic Packet Generation from BPF Filters

🛡️ Cloudflare demonstrates an automated method to reverse-engineer classic BPF socket filters and generate the exact “magic” packets that trigger stealthy Linux backdoors. By combining symbolic execution with the Z3 theorem prover and translating the resulting constraints into concrete byte values, the approach reduces manual analysis of complex BPF bytecode from hours or days to seconds. The team uses scapy to assemble crafted packets and has open-sourced the filterforge tool to accelerate threat research and detection.

GPUBreach: RowHammer on GPUs Enables Full Host Takeover

⚠️ New research describes GPUBreach, a set of GDDR6 RowHammer techniques that corrupt GPU page tables to gain arbitrary GPU memory read/write and, in GPUBreach's case, full host control. The work shows chained GDDR6 bit-flips can corrupt trusted driver state and trigger kernel memory-safety bugs in NVIDIA drivers even with the IOMMU enabled. Related efforts (GDDRHammer, GeForge) also achieve GPU-side arbitrary read/write, though some require IOMMU to be disabled. Enabling ECC reduces risk but is not a guaranteed mitigation for all platforms.

GPUBreach: GPU Rowhammer Enables System Takeover to Root

⚠️ A new attack called GPUBreach demonstrates that Rowhammer-induced bit flips in GDDR6 memory can corrupt GPU page tables and allow an unprivileged CUDA kernel to gain arbitrary GPU memory read/write access. The University of Toronto team showed this capability can be chained into CPU-side privilege escalation by exploiting memory-safety bugs in the NVIDIA driver, potentially yielding a full system compromise up to a root shell. Critically, the attack works with IOMMU enabled and remains unmitigated on consumer GPUs without ECC. Full technical details and a reproduction package will be published on April 13.

Google Ironwood TPUs Deliver 3.7x Carbon Efficiency Gains

🌱 Google reports that its seventh‑generation TPU, Ironwood, achieved an approximately 3.7x improvement in Compute Carbon Intensity (CCI) versus TPU v5p based on fleet measurements in January 2026. CCI captures estimated CO2e per utilized FLOP, including embodied (Scope 3) and operational (Scope 1 and 2) emissions. Google also cites a roughly 5x increase in utilized FLOPs and a rise in peak BF16 FLOPS from 459 to 2,307. The company attributes gains to hardware advances and software/system optimizations such as Mixture of Experts sparsity, wider FP8 adoption, and improved fleet orchestration, while noting results are a point‑in‑time snapshot that can vary by workload, location, and accounting method.

Cybersecurity Challenges in an Era of Instant Software

🔐 AI is rapidly reshaping how software is written, deployed, and consumed, pointing toward a future of on-demand "instant software" that is created and discarded as needed. The essay examines how improved AI tools will change the attacker/defender dynamic by automating both vulnerability discovery and, potentially, patch creation. It highlights particularly exposed areas such as IoT and legacy industrial systems and outlines several key unknowns—AI effectiveness on closed-source code, patch reliability, update lag, coordination of defenses, and risks of poisoning or social-engineering attacks. The author sketches optimistic scenarios (self-healing networks, rapid coordinated patching) while warning that attackers will adapt by targeting unpatchable legacy code and human elements.

Claude/Mythos Leak: AI Accelerates Vulnerability Discovery

⚠️ Last week a leaked build of Anthropic's new model, Claude Capybara (also called Mythos), revealed substantially improved capabilities for automated vulnerability discovery, exploit development, and multi-step attack reasoning. The incident marks a turning point: frontier AI can compress attack lifecycles and enable scalable, novel exploitation techniques that were once the domain of advanced state actors. Security teams should treat this as a warning and accelerate risk assessments, patching, detection, and governance measures.