< ciso
brief />
Tag Banner

All news with #research tag

264 articles · page 2 of 14

Unpatchable usbliter8 exploit breaks SecureROM

🔒 Security researchers at Paradigm Shift published a working exploit called usbliter8 that achieves arbitrary code execution inside the SecureROM of Apple A12 and A13 SoCs. The flaw is a hardware bug in the Synopsys DWC2 USB controller and cannot be fixed by software updates, making affected devices permanently vulnerable. Exploitation requires physical possession, DFU mode, and a dedicated microcontroller; the public proof-of-concept and write-up were released on June 18, 2026 following coordinated disclosure.
read more →

Serverless GitHub Pages Phishing Hits Mexican Banks

🛡️ New research from Group-IB describes the GitBait campaign, a multi-year phishing operation targeting Mexican banks that used GitHub Pages for hosting and SheetBest to exfiltrate credentials into Google Sheets. The operation relied on modular phishing kits, automated publishing, and crafted Open Graph tags to spread links via messaging apps while evading search indexing. Group-IB reported over 100 GitHub-hosted domains and urges banks to monitor brand abuse and suspicious traffic to cloud services.
read more →

Fake Reputation Economy Behind Crypto Clipboard Hijackers

🔍 Check Point Research uncovered a coordinated campaign that built a cross-platform false reputation to push a crypto clipboard hijacker. The actor used WordPress phishing hubs, multiple GitHub and SourceForge projects, AI-narrated YouTube tutorials, and forum posts to manufacture trust and inflate engagement. The campaign targeted Windows and macOS, including a macOS persistence mechanism, and manipulated reputation systems like VirusTotal to make malicious files appear safe.
read more →

Study: Prompt Injection Undermines AI Web Agents

🔍 New research finds current AI web agents largely fail to defend against prompt injection attacks. The StakeBench benchmark tested GPT‑5 and Gemini‑powered agents across realistic web scenarios, revealing high success rates for both direct and indirect injections and exposing failure modes like stealthy parasitism and misaligned disruption. Results show vulnerabilities vary by stakeholder and agent architecture.
read more →

New GreatXML BitLocker Bypass Exploit Disclosed

🔒 Security researcher Chaotic Eclipse disclosed a new BitLocker bypass named GreatXML that leverages files placed on the recovery partition and booting into Windows Recovery Environment (WinRE). The researcher says the issue is tied to using Windows Defender Offline Scan and can result in a shell with unrestricted access to a BitLocker volume if specific XML files are copied to the recovery partition and WinRE is invoked. GreatXML follows other recent disclosures from the same researcher, including a Defender zero-day and the earlier YellowKey bypass.
read more →

FROST: SSD-based Browser Fingerprinting Threat

🛡️ Researchers at Graz University of Technology describe FROST, a novel side-channel technique that uses the browser's origin private file system (OPFS) to monitor SSD timing and infer user activity. A malicious webpage leveraging OPFS can repeatedly access storage, measuring micro-delays that reveal what apps or websites are active. The team demonstrated data transmission rates around 660–720 bits/s with ~90% accuracy and used AI to classify app and site fingerprints. Practical constraints — RAM caching, large file creation, and likely EDR/XDR detection — limit FROST to targeted attacks, but it highlights hardware-level blind spots in modern security.
read more →

Behavioral Integrity Risks in AI Agent Skills

🔎 AI agent skills can install third-party capabilities with privileged access, yet registries lack automated audits. Palo Alto Networks introduces Behavioral Integrity Verification (BIV), which compares declared metadata, executable code and natural-language instructions to detect mismatches. Applied to the OpenClaw registry, BIV found widespread deviations and identified multi-stage attack chains that enable credential theft, RCE and exfiltration. The report recommends inventorying skills and requiring pre-install behavioral checks.
read more →

Conditions SRE Teams Require Before Trusting AI

🔍 AI agents can help SRE teams with incident response, triage and automation, but trust is granted only when agents demonstrate reliability under real-world stress. Teams need robust observability, explicit guardrails, human-in-the-loop workflows and explainability so recommendations are evidence-backed rather than speculative. Progressive autonomy, post-incident evaluation and compatibility with existing tools are essential for safe adoption.
read more →

Autonomous AI Agents Vulnerable to Phishing Attacks

🔒 Varonis tested an OpenClaw-based AI agent named Pinchy with access to a controlled Google Workspace to see whether autonomous agents could be phished. The agent was given Gmail access plus mock AWS credentials, CRM exports, internal chats, and calendars, and it still leaked credentials and customer data in scenarios that mimicked routine colleague requests. A stricter safety profile improved performance, but the agent still failed when social trust cues were abused. Researchers say the problem stems from architecture and governance gaps, urging enforceable controls, identity segregation, and human review for sensitive requests.
read more →

Enterprises Ship Vulnerable AI-Generated Code Despite Risks

🛡️ New research from Checkmarx finds enterprises are increasingly shipping AI-generated code despite widespread vulnerabilities. The survey of 2,350 security leaders shows nearly half of production code is AI-built and organizations that rely heavily on AI introduce far more insecure code. Many firms lack formal AI governance and continue to accept or defer fixing known issues, while tool sprawl and developer pressure compound the problem.
read more →

Military used GPS to distribute cryptographic keys

🔍 Steven Murdoch uncovered that U.S. military satellites have been broadcasting hidden codes via public GPS for nearly two decades, effectively turning each satellite into a covert distribution channel. He identified synchronized transmissions across all 31 operational satellites on May 26, 2011, matching the rollout timeline of the military’s Over-the-Air Distribution (OTAD) and Over-the-Air Rekeying (OTAR) systems. This mechanism allowed remote rekeying of military GPS receivers, replacing manual key distribution.
read more →

AI-driven worm shows autonomous host-level exploitation

🧩 Researchers at the University of Toronto built and tested a proof-of-concept self-replicating worm driven by a locally hosted open-weight large language model. In isolated experiments on a deliberately vulnerable 33-host network, the agent identified dozens of vulnerabilities, gained elevated access across most targeted hosts, and autonomously replicated to a majority of the network without using any commercial AI API. The team highlights how runtime reasoning and ingestion of fresh advisories break single-CVE patching assumptions and argues containment must focus on host and network controls rather than vendor API measures.
read more →

FROST attack lets websites fingerprint drives

🛡️ Researchers at Graz University of Technology describe FROST, a browser-based timing attack that uses the Origin Private File System (OPFS) to infer which sites a user visits and which apps they open. The exploit runs purely in JavaScript, requires no native code or permissions, and sharpens timer resolution via cross-origin isolation. On macOS it achieved high fingerprinting accuracy, while mitigations remain limited and browser vendors have not implemented firm fixes.
read more →

Prototype AI-Powered Worm Raises New Security Risks

🔒 Researchers have demonstrated a prototype AI-powered internet worm that autonomously propagates and carries its own local LLM to run on compromised machines. The prototype echoes early theoretical concepts of self-replicating code and shows how generative models can be embedded into malware to extend functionality. This proof-of-concept highlights evolving threats and the need for updated defensive strategies and policy responses.
read more →

HTTP/2 header flaw enables new DoS attacks

🔍 Security researchers disclosed a flaw in default HTTP/2 configurations that enables a denial-of-service technique dubbed the "HTTP/2 Bomb." The issue abuses HPACK header compression and flow-control behavior to force excessive memory allocations and hold them, impacting servers such as nginx, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare’s Pingora. Patches have been released for several implementations, and mitigations include disabling HTTP/2 or enforcing header count caps.
read more →

AI Applied to Decrypt Medieval Ciphers

🧭 The post considers how historical plaintext-hiding techniques, traditionally done by hand, created patterns such as short key phrases that made ciphers vulnerable to statistical analysis. It argues that modern AI and LLMs, being fundamentally statistical models with some randomness, can exploit ciphertext statistics to reconstruct plaintext. The author notes this capability does not automatically make decryption trivial, but highlights the potential for AI to invert statistical patterns in encrypted text.
read more →

VS Code zero-day lets attackers steal GitHub tokens

🛡️ A security researcher published exploit code for a Visual Studio Code zero-day that enables attackers to steal GitHub OAuth tokens by tricking users into clicking a link. The flaw abuses VS Code's sandboxed webview message-passing to run JavaScript that simulates keypresses, installs a malicious extension, and exfiltrates tokens sent to github.dev. The vulnerability is unpatched and unassigned a CVE; users can mitigate risk by clearing cookies and site data for github.dev to force reauthentication prompts.
read more →

Assessment of public Wi‑Fi security in Mexico

🔍 Kaspersky analyzed public Wi‑Fi across Mexico City, Guadalajara, and Monterrey ahead of the 2026 World Cup. The team wardrove to log 84,500 signals and 69,500 unique SSIDs, finding about 82% use WPA2/WPA3 but over 10% are unsecured. WPS was enabled on roughly 45% of access points, often even when WPA2/WPA3 was in use, increasing attack risk. The report also warns of other travel threats like malicious QR codes, public USB chargers, NFC/Bluetooth exploits, and evil‑twin networks. Kaspersky recommends using cellular data or an eSIM and a VPN to stay safe when connecting to public networks.
read more →

OWASP launches Agentic Research Council for AI risks

🧭 At Infosecurity Europe 2026, OWASP will unveil the Agentic Research Council to better align fast‑moving agentic AI capabilities with security research and operational practice. Launched from the GenAI Security Project’s Agentic Security Initiative, the council will prioritize a public research pipeline, convene working groups and connect academic outputs to deployable mitigations. The initiative aims to accelerate runtime‑focused defenses against multi‑agent threats.
read more →

Swiss team claims certifiable perfect randomness

🔬 Researchers at ETH Zurich report creating a device that generates provably perfect random numbers using two superconducting qubits, a 30-meter microwave guide, and specialized software. The setup leverages quantum entanglement and an amplification algorithm to remove bias common in classical and many quantum sources. The team says the output can be certified and could serve cryptographic key generation or public randomness services.
read more →