research
LLMs can assist with vulnerability scoring, but context still matters
Every new vulnerability disclosure adds another decision point for already stretched security teams. A recent study explores whether LLMs can take on part of that burden by …
What if your face could say “don’t record me”? Researchers think it’s possible
Phones, smart glasses, and other camera-equipped devices capture scenes that include people who never agreed to be recorded. A newly published study examines what it would …
Counterfeit defenses built on paper have blind spots
Counterfeit protection often leans on the idea that physical materials have quirks no attacker can copy. A new study challenges that comfort by showing how systems built on …
Weak enforcement keeps PCI DSS compliance low
Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing that …
Formal proofs expose long standing cracks in DNSSEC
DNSSEC is meant to stop attackers from tampering with DNS answers. It signs records so resolvers can verify that data is authentic and unchanged. Many security teams assume …
Browser agents don’t always respect your privacy choices
Browser agents promise to handle online tasks without constant user input. They can shop, book reservations, and manage accounts by driving a web browser through an AI model. …
LLMs work better together in smart contract audits
Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models …
Privacy risks sit inside the ads that fill your social media feed
Regulatory limits on explicit targeting have not stopped algorithmic profiling on the web. Ad optimization systems still adapt which ads appear based on users’ private …
Should AI access be treated as a civil right across generations?
AI use is expanding faster than the infrastructure that supports it, and that gap is starting to matter for security, resilience, and access. A new position paper argues that …
Why vulnerability reports stall inside shared hosting companies
Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what …
Banks built rules for yesterday’s crime and RegTech is trying to fix that
Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with …
AI might be the answer for better phishing resilience
Phishing is still a go-to tactic for attackers, which is why even small gains in user training are worth noticing. A recent research project from the University of Bari looked …
Featured news
Resources
Don't miss
- Five identity-driven shifts reshaping enterprise security in 2026
- What if your face could say “don’t record me”? Researchers think it’s possible
- Conjur: Open-source secrets management and application identity
- Counterfeit defenses built on paper have blind spots
- Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits