research
Consumers feel less judged by AI debt collectors
Debt collection agencies are starting to use automated voice systems and AI-driven messaging to handle consumer calls. These systems help scale outreach, reduce call center …
Design weaknesses in major password managers enable vault attacks, researchers say
Can cloud-based password managers that claim “zero-knowledge encryption” keep users’ passwords safe even if their encrypted-vault servers are compromised? …
Apple privacy labels often don’t match what Chinese smart home apps do
Smart home devices in many homes collect audio, video, and location data. The apps that control those devices often focus on the account owner, even when the technology also …
In GitHub’s advisory pipeline, some advisories move faster than others
GitHub Security Advisories are used to distribute vulnerability information in open-source projects and security tools. A new study finds that only a portion of those …
Mobile privacy audits are getting harder
Mobile apps routinely collect and transmit personal data in ways that are difficult for users, developers, and regulators to verify. Permissions can reveal what an app can …
One-time SMS links that never expire can expose personal data for years
Online services often treat one-time links sent by text message as low-risk conveniences. A new study shows that these links can expose large amounts of personal data for …
Confusion and fear send people to Reddit for cybersecurity advice
A strange charge appears on a bank account. An email claims a package is on the way. A social media account stops accepting a password that worked yesterday. When these …
Ransomware activity never dies, it multiplies
Ransomware attacks kept climbing through 2025, even as major criminal groups collapsed and reformed. A new study conducted by the Symantec and Carbon Black Threat Hunter Team …
QR codes are getting colorful, fancy, and dangerous
QR codes have become a routine part of daily life, showing up on emails, posters, menus, invoices, and login screens. Security-savvy users have learned to treat links with …
Firmware scanning time, cost, and where teams run EMBA
Security teams that deal with connected devices often end up running long firmware scans overnight, checking progress in the morning, and trying to explain to colleagues why a …
Crypto crime hits record levels as state actors move billions
Nation-state involvement in crypto increased in 2025, signaling a shift in how on-chain crime operates. Three waves of crypto crime (Source: Chainalysis) Research from …
What security teams can learn from torrent metadata
Security teams often spend time sorting through logs and alerts that point to activity happening outside corporate networks. Torrent traffic shows up in investigations tied to …
Featured news
Resources
Don't miss
- LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
- The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
- Treating AI agents like service accounts for federated query security
- Malware ships with bugs that defenders could use against it
- Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)