research
Even cybersecurity researchers are exposing secrets in their arXiv LaTeX source
Researchers submit papers to arXiv every day, and most of them upload the LaTeX source files alongside the PDF. The preprint service requires source uploads when available, …
ICS intrusion detection has blind spots that complicate plant security
Industrial control systems on plant floors run alongside a growing layer of monitoring software meant to catch intruders before they reach a turbine, a valve, or a chemical …
The AI criminal mastermind is already hiring on gig platforms
Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model …
Indirect prompt injection is taking hold in the wild
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves …
A study of 1,000 Android apps finds a privacy policy logging gap
Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in …
GDPR works, but only where someone enforces it
A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally …
Apple Intelligence flaw kept stolen tokens reusable on another device
Apple claims that Apple Intelligence, a GenAI service provided on its operating systems, is designed with an extra focus on user security and privacy through a two-stage …
Researchers build an encrypted routing layer for private AI inference
Organizations in healthcare, finance, and other sensitive industries want to use large AI models without exposing private data to the cloud servers running those models. A …
Workplace stress in 2026 is still worse than before the pandemic
Roughly 40% of employees worldwide said they experienced a lot of stress during the previous day, according to Gallup’s State of the Global Workplace 2026 report, a …
Command integrity breaks in the LLM routing layer
Systems that rely on LLM agents often send requests through intermediary routing services before reaching a model. These routers connect to different providers through a …
Network segmentation projects fail in predictable patterns
Most enterprise networks have segmentation on the roadmap. Many have had it there for years. A survey of 400 U.S.-based network security practitioners who lived through failed …
Health insurance lead sites sell personal data within seconds of form submission
Lead generation websites that offer health insurance quotes collect sensitive personal data and sell it to multiple buyers within seconds of a user clicking submit. A study by …
Featured news
Resources
Don't miss
- Even cybersecurity researchers are exposing secrets in their arXiv LaTeX source
- Cyber crooks got Robinhood to send phishing emails to its own users
- Attackers use MS Teams, fake mailbox repair utility to breach organizations
- The AI criminal mastermind is already hiring on gig platforms
- Indirect prompt injection is taking hold in the wild