research
Turning plain language into firewall rules
Firewall rules often begin as a sentence in someone’s head. A team needs access to an application. A service needs to be blocked after hours. Translating those ideas into …
The roles and challenges in moving to quantum-safe cryptography
A new research project examines how organizations, regulators, and technical experts coordinate the transition to quantum safe cryptography. The study draws on a structured …
AI security risks are also cultural and developmental
Security teams spend much of their time tracking vulnerabilities, abuse patterns, and system failures. A new study argues that many AI risks sit deeper than technical flaws. …
Radio signals could give attackers a foothold inside air-gapped devices
Air-gapped systems are meant to stay quiet. Remove network ports, lock down inputs, and the device should have nothing to hear. A new study shows that this breaks down when …
LLMs are automating the human part of romance scams
Romance scams succeed because they feel human. New research shows that feeling no longer requires a person on the other side of the chat. The three stages of a romance-baiting …
LLMs can assist with vulnerability scoring, but context still matters
Every new vulnerability disclosure adds another decision point for already stretched security teams. A recent study explores whether LLMs can take on part of that burden by …
What if your face could say “don’t record me”? Researchers think it’s possible
Phones, smart glasses, and other camera-equipped devices capture scenes that include people who never agreed to be recorded. A newly published study examines what it would …
Counterfeit defenses built on paper have blind spots
Counterfeit protection often leans on the idea that physical materials have quirks no attacker can copy. A new study challenges that comfort by showing how systems built on …
Weak enforcement keeps PCI DSS compliance low
Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing that …
Formal proofs expose long standing cracks in DNSSEC
DNSSEC is meant to stop attackers from tampering with DNS answers. It signs records so resolvers can verify that data is authentic and unchanged. Many security teams assume …
Browser agents don’t always respect your privacy choices
Browser agents promise to handle online tasks without constant user input. They can shop, book reservations, and manage accounts by driving a web browser through an AI model. …
LLMs work better together in smart contract audits
Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models …
Featured news
Resources
Don't miss
- State-backed phishing attacks targeting military officials and journalists on Signal
- Poland’s energy control systems were breached through exposed VPN access
- CISA orders US federal agencies to replace unsupported edge devices
- Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
- February 2026 Patch Tuesday forecast: Lots of OOB love this month