Tag: research

Kids say they can beat age checks by drawing on a fake mustache

46% say age checks are easy to bypass, and nearly a third admit getting around them

Researchers move in the right direction, develop powerful GPS interference alarm

ORNL says portable detector kit can separate real GPS signals from fake ones even at equal strength

Researchers find cyber-sabotage malware that may predate Stuxnet by five years

FAST16 could be the first cyberweapon, and its effects could be with us today

Hear no evil, speak no evil, see no evil - three monkeys coding in the workplace

Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users

Researchers who found the flaws scored beer money bounties and warn the problem is probably pervasive

REG AD

Security researchers tricked Apple Intelligence into cursing at users. It could have been a lot worse

Wash your mouth out with digital soap

Talk ain't cheap: DARPA offers grants for new AI-to-AI communication protocol

MATHBAC program wants better machine-to-machine chatter for scientific discovery

Don't open that WhatsApp message, Microsoft warns

How to avoid social engineering attacks? Employee training tops the list

Folk are getting dangerously attached to AI that always tells them they're right

Sycophantic bots coach users into selfish, antisocial behavior, say researchers, and they love it

Security boffins scoured the web and found hundreds of valid API keys

Global bank's devs have some cleaning up to do after cloud creds found in website code

woman with long fingernails clutching smartphone

Chemists concoct nail polish that lets clawed humans use touch screens

They still look goofy, but at least you might be able to use 'em like a stylus

Telling an AI model that it’s an expert programmer makes it a worse programmer

Researchers say persona-based prompting can improve works for safety but not for facts

RSA

AI agents are 'gullible' and easy to turn into your minions

Zenity CTO demos 0-click AI agent exploits on stage at RSAC

REG AD

State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns

Darksword is the second iOS exploit chain in a month

Meatbags vs machines: DeepMind plans hackathon to draw line between human and AI brains

What exactly is AGI? Nobody knows, but Google's AI lab is asking for help trying to define it

Girl looking at a glass of water through a magnifying glass

Water company wasted $200k on bad answers from an AI model – so built its own slop filtering system

Rozum orchestrates multiple flaky models and drives them to reasonable conclusions

Rogue AI agents can work together to hack systems and steal secrets

Prompt like a hard-ass boss who won't tolerate failure and bots will find ways to breach policy

Fake job applications pack malware that kills endpoint detection before stealing data

Russian-speaking attackers lure HR staff into downloading ISO files that disable defenses

MIT boffins aim to build injectable mini-organs that can fill in for a damaged liver

Injected liver cells stayed viable and functional for eight weeks in mice

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking

Denizens of DEF CON are 'fed up with government'

Jake Braun thinks hackers need to create a 'Digital arsenal of democracy' to defend us all

Ransomware payments cratered in 2025, but attacks surged to record highs

Smaller crews piled in as old names splintered and rebranded

AI models suck slightly less at math than they did last year

Latest ORCA test results out

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws – but the AI-enabled attack surfaces remain

Illustration of an eye looking at you through binary numbers

LLMs killed the privacy star, we can't rewind, we've gone too far

You'll find these days that there's no hiding place

Threat intelligence supply chain is full of weak links, researchers find

And they're being stressed by geopolitical concerns that threaten to slow important data-sharing efforts

Don't believe the hyperscalers! AI can't cure the climate crisis

From AI conflation to thin evidence, a new report calls many climate claims greenwashing

Android malware taps Gemini to navigate infected devices

For now, it might not function outside of a lab

Asleep on the sofa image via Shutterstock

Scientists show it's possible to solve problems in your dreams by playing the right sounds

Could the same method one day power sleep-time ads?

Posting AI-generated caricatures on social media is risky, infosec killjoys warn

The more you share online, the more you open yourself to social engineering

Illustration of a man running alongside binary numbers

Microsoft boffins figured out how to break LLM safety guardrails with one simple prompt

Chaos-inciting fake news right this way

Public Sector

Let there be light! DARPA seeking physics-defying photonic computers to supercharge AI

There’s about $35M up for grabs if your circuits can beat today’s limits

Vibe coding may be hazardous to open source

Researchers argue AI coding tools disrupt community and hinder returns to maintainers

REG AD

AI conference's papers contaminated by AI hallucinations

100 vibe citations spotted in 51 NeurIPS papers show vetting efforts have room for improvement

For the price of Netflix, crooks can now rent AI to run cybercrime

Group-IB says crims forking out for Dark LLMs, deepfakes, and more at subscription prices

Fast Pair, loose security: Bluetooth accessories open to silent hijack

Sloppy implementation of Google spec leaves 'hundreds of millions' of devices vulnerable

A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the central nervous system of the cloud'

And it's 'not unique to AWS,' researcher tells The Reg

REG AD

Teach an AI to write buggy code, and it starts fantasizing about enslaving humans

Research shows erroneous training in one domain affects performance in another, with concerning implications

'Imagination the limit': DeadLock ransomware gang using smart contracts to hide their work

New crooks on the block get crafty with blockchain to evade defenses

OpenAI putting bandaids on bandaids as prompt injection problems keep festering

Happy Groundhog Day!

New carbon capture tech could save us from datacenter doom

Maybe our AI overlords, hell-bent on securing power any way they can, should invest in getting this to market

Fake Windows BSODs check in at Europe's hotels to con staff into running malware

Phishers posing as Booking.com use panic-inducing blue screens to bypass security controls

iPad kids are more anxious, less resilient, and slower decision makers

The solution? Lock up the screens and read to your kids

Your car’s web browser may be on the road to cyber ruin

Study finds built-in browsers across gadgets often ship years out of date

China's Ink Dragon hides out in European government networks

Misconfigured servers are in, 0-days out

Storage

The future of long-term data storage is clear and will last 14 billion years

SPhotoix moves its 5D Memory Crystal cold storage tech closer to deployment in data centers

10K Docker images spray live cloud creds across the internet

Flare warns devs are unwittingly publishing production-level secrets

Teens standing in a circle looking at their phones

US teens not only love AI, but also let it rot their brains

Yeah, not shocking, but with other studies linking AI to weaker learning and mental-health risks, it’s a worry

As humanoid robots enter the mainstream, security pros flag the risk of botnets on legs

Have we learned nothing from sci-fi films and TV shows?

Man with umbrella shielding himself from binary digits

Novel clickjacking attack relies on CSS and SVG

Who needs JavaScript?

Networks

Sorry, but your glitchy connection might have cost you that job

Technical problems on video calls can cause uncanniness, which influences real-world decisions

Zendesk users targeted as Scattered Lapsus$ Hunters spin up fake support sites

ReliaQuest finds fresh crop of phishing domains and toxic tickets

Years-old bugs in open source tool left every major cloud open to disruption

Fluent Bit has 15B+ deployments … and 5 newly assigned CVEs

REG AD

LLM-generated malware is improving, but don't expect autonomous attacks tomorrow

Researchers tried to get ChatGPT to do evil, but it didn't do a good job

DARPA making low-hanging satellites that use air to move

Skim the atmosphere and air-breathing VLEO sats can theoretically maintain orbit

Researchers claim 'largest leak ever' after uncovering WhatsApp enumeration flaw

Two-day exploit opened up 3.5 billion users to myriad potential harms

Brussels weighs banning China from major EU research scheme

Draft Horizon Europe plan cites lack of IP protections and Beijing's civil-military fusion strategy

LLM side-channel attack could allow snoops to guess what you're talking about

Encryption protects content, not context

Previously unknown Landfall spyware used in 0-day attacks on Samsung phones

'Precision espionage campaign' began months before the flaw was fixed

MIT Sloan quietly shelves AI ransomware study after researcher calls BS

Even AI has doubts about the claim that '80% of ransomware attacks are AI-driven'

ghenadie http://www.shutterstock.com/gallery-442267p1.html

This security hole can crash billions of Chromium browsers, and Google hasn't patched it yet

Edge, Atlas, Brave among those affected

Researchers exploit OpenAI's Atlas by disguising prompts as URLs

NeuralTrust shows how agentic browser can interpret bogus links as trusted user commands

Berkeley boffins build better load balancing algo with AI

One way AI can improve on human work

AI eats leisure time, makes employees work more, study finds

Rise and grind, robot overlords demand

Cisco: Most companies don't know what they're doing with AI

Only 13% are AI-ready; the rest are bolting it on and hoping for ROI

Devs are writing VS Code extensions that blab secrets by the bucketload

Vibe coding may have played a role in what took researchers months to fix

It's trivially easy to poison LLMs into spitting out gibberish, says Anthropic

Just 250 malicious training documents can poison a 13B parameter model - that's 0.00016% of a whole dataset

AI gets more 'meh' as you get to know it better, researchers discover

Most scientists now use the tech in their work, but still question its usefulness

AI companion bots use emotional manipulation to boost usage

Researchers argue that this dark pattern poses a legal risk

AI chatbots that butter you up make you worse at conflict, study finds

Top AI models keep saying you’re right, and that’s the problem

Startups binge on AI while big firms sip cautiously, study shows

Better hope that bubble doesn't pop

On-Prem

Artist's impression of the Square Kilometer Array at sunrise

Square Kilometre Array is so sensitive, its datacenter needs two Faraday cages to stop RF leaks

Stray signals are a no-no when you’re trying to tune into the stars

Shuai Fu and his colleagues have built the first artificial neurons that can interface directly with living one. Image: Jun Yao

Cyborg dreams move closer to reality with low-power artificial neuron

UMass Amherst research promises better bioelectronic communication

Tile trackers are a stalker's dream, say Georgia Tech researchers

Plaintext transmissions, fixed MAC addresses, rotating 'unique' IDs, and more, make abuse easy

Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign

Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week

Cyber-crime

North Korea's Lazarus Group shares its malware with IT work scammers

Keeping Pyongyang's coffers full

Google warns China-linked spies lurking in 'numerous' enterprises

Mandiant CTO anticipates 'hearing about this campaign for the next one to two years'

Nearly half of businesses suffered deepfaked phone calls against staff

AI attacks on the rise

Hotel manager shocked sitting in front of the monitor of computer.

Kaspersky: RevengeHotels checks back in with AI-coded malware

Old hotel scam gets an AI facelift, leaving travellers’ card details even more at risk

Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack

Google and ETH Zurich found problems with AMD/SK Hynix combo, will probe other hardware

HybridPetya: More proof that Secure Boot bypasses are not just an urban legend

Although it hasn't been seen in the wild yet

AI-powered penetration tool, an attacker's dream, downloaded 10K times in 2 months

Shady, China-based company, all the apps needed for a fully automated attack - sounds totally legit

Spectre haunts CPUs again: VMSCAPE vulnerability leaks cloud secrets

AMD Zen hardware and Intel Coffee Lake affected

Apple slips up on ChillyHell macOS malware, lets it past security . . . for 4 years

'We do believe that this was likely the creation of a cybercrime group,' threat hunter tells The Reg

Someone upset at ransomware infecting their PC

The crazy, true story behind the first AI-powered ransomware

tldr; boffins did it

UK DARPA clone spared savings squeeze while Treasury raided government

ARIA spent £16.5M, has £600M in the tank, and no one asked for it back

Biased bots: AI hiring managers shortlist candidates with AI resumes

When AI runs recruiting, the winning move is using the same bot

Internet mapping and research outfit Censys reveals state-based abuse, harassment

‘Universities are being used to proxy offensive government operations, turning research access decisions political’

AI spies questionable science journals, with some human help

"Louis, I think this is the beginning of a beautiful friendship"

Researcher who found McDonald's free-food hack turns her attention to Chinese restaurant robots

The controls were left wide open on Pudu's robots

ChatGPT hates LA Chargers fans

Harvard researchers find model guardrails tailor query responses to user's inferred politics and other affiliations

Who are you again? Infosec experiencing 'Identity crisis' amid rising login attacks

Vendor insists passkeys are the future, but getting workers on board is proving difficult

AI robs jobs from recent college grads, but isn't hurting wages, Stanford study says

Machine-learning models are automating away some entry-level roles

Search-capable AI agents may cheat on benchmark tests

Fake CAPTCHA tests trick users into running malware

Google yet to take down 'screenshot-grabbing' Chrome VPN extension

Patches

Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

AI skeptics zone out when chatbots get preachy

ChatGPT's attempt to disambiguate the duck-rabbit optical illusion

Vision AI models see optical illusions when none exist

Illustration of someone having their face analyzed by facial recognition

Facial recognition works better in the lab than on the street, researchers show

Boffins say tool can sniff 5G traffic, launch 'attacks' without using rogue base stations

'MadeYouReset' HTTP/2 flaw lets attackers DoS servers

Chinese biz using AI to hit US politicians, influencers with propaganda

Infosec hounds spot prompt injection vuln in Google Gemini apps

German security researchers say 'Windows Hell No' to Microsoft biometrics for biz

How to train your robot: Wear a tiny one in a baby carrier

Cybercrooks attached Raspberry Pi to bank network and drained ATM cash

Silk Typhoon spun a web of patents for offensive cyber tools, report says

'It looks sexy but it's wrong' – the problem with AI in biology and medicine

Coyote malware abuses Microsoft's UI Automation to hunt banking creds

'Goodbye' in several languages on a wall at Hong Kong airport

AWS closes China AI research center, citing boilerplate 'business priorities'

Personal Tech

Guy in shirt and tie visits the beach. wearing 'beach business-casual'. Photo by Shutterstock

Science confirms what we all suspected: Four-day weeks rule

Quantum code breaking? You'd get further with an 8-bit computer, an abacus, and a dog

Crims hijacking fully patched SonicWall VPNs to deploy stealthy backdoor and rootkit

German team warns ChatGPT is changing how you talk

Illustration of someone talking to an AI agent

Former Google DeepMind engineer behind Simular says other AI agents are doing it wrong

Nvidia A6000 GPUs flip memory bits if beaten by GPUHammer

On-Prem

A foggy morning with a view of the IBM Almaden Research Center from the Santa Teresa County Park in San Jose, California

IBM moves scientists out of Almaden Research Center

At last, a use case for AI agents with sky-high ROI: Stealing crypto

How to trick ChatGPT into revealing Windows keys? I give up

Edge and Chrome logos next to each other

Massive browser hijacking campaign infects 2.3M Chrome, Edge users

Scholars sneaking phrases into papers to fool AI reviewers

Cold without the compressor: Boffins build better ice box

AI models just don't understand what they're talking about

ChatGPT creates phisher’s paradise by recommending the wrong URLs for major companies

Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks

Computer vision research feeds surveillance tech as patent links spike 5×

Illustration of a voice recognition system

Boffins devise voice-altering tech to jam 'vishing' schemes

Brain activity much lower when using AI chatbots, MIT boffins find

Public Sector

Judge smacks down Pentagon plan to slash university research funding awards

Do you trust Xi with your 'private' browsing data? Apple, Google stores still offer China-based VPNs, report says

Salesforce West and Salesforce East towers in SOMA district

Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks

Critical Wazuh bug exploited in growing Mirai botnet infection

Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser

Apple AI boffins puncture AGI hype as reasoning models flail on complex planning

milosk50 http://www.shutterstock.com/gallery-1721443p1.html

Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs

ChatGPT used for evil: Fake IT worker resumes, misinfo, and cyber-op assist

UK tech job openings climb 21% to pre-pandemic highs

AI kept 15-year-old zombie vuln alive, but its time is drawing near

Meta pauses mobile port tracking tech on Android after researchers cry foul

American science put on starvation diet

8,000+ Asus routers popped in 'advanced' mystery botnet plot

Boffins devise technique that lets users prove location without giving it away

Intel's data-leaking Spectre defenses scared off yet again

Boffins warn that AI paper mills are swamping science with garbage studies

CxO

Colorful silhouettes of office workers in a corporate environment

Bosses weren’t being paranoid: Remote workers more likely to start own biz

You think ransomware is bad now? Wait until it infects CPUs

Offbeat

Yolk's on you – eggs break less when they land sideways

WHite lab coated scientist looks sceptical in front of microscope. Photo by Shutterstock

US govt's science foundation purges 37 divisions, equity unit among casualties

AI Infrastructure Month

Microsoft wants us to believe AI will crack practical fusion power, driving future AI

Enterprise tech dominates zero-day exploits with no signs of slowdown

Illustration of someone leaving work after being fired while robots line up for a job

Generative AI is not replacing jobs or hurting wages at all, economists claim

Little robot teaching math to other robots

DARPA to 'radically' rev up mathematics research. Yes, with AI

Booby-trapped Alpine Quest Android app geolocates Russian soldiers

A pot of $250K is now available to ransomware researchers, but it feeds a commercial product

Chinese snoops use stealth RAT to backdoor US orgs – still active last week

Someone holding an illuminated light bulb against green grass

UK's answer to DARPA sprouts new ideas, like programmable plants

Scattered Spider stops the Rickrolls, starts the RAT race

Brit universities told to keep up the world-class research with less cash

Speech now streaming from brains in real-time

Top cybersecurity boffin, wife vanish as FBI raids homes

Malware in Lisp? Now you're just being cruel

Donald Trump looking pleased with himself

Revenge of the nerds: Teachers, professors sue to undo Trump science funding cuts

Steam punk style vampire hunter with a gun

VanHelsing ransomware emerges to put a stake through your Windows heart

Paragon spyware deployed against journalists and activists, Citizen Lab claims

Boffins 3D-print artificial iris muscle that flexes both ways

Trump, photo by uplift the world via Shutterstock

US tech jobs outlook clouded by DOGE cuts, Trump tariffs

Microsoft isn't fixing 8-year-old shortcut exploit abused for spying

Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos

Los Alamos boffins whip up a speedometer for satellites

That 'angry guest' email from Booking.com? It's a scam, not a 1-star review

DeepSeek can be gently persuaded to spit out malware code

From pantyhose to power cells, nylon gives lithium batteries a leg up

MINJA sneak attack poisons AI models for other chatbot users

Three Mile Island Nuclear power generating station

Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift

We call this kernel saunters: How Apple rearranged its XNU core with exclaves

Surprise! People don't want AI deciding who gets a kidney transplant and who dies or endures years of misery

MITRE Caldera security suite scores perfect 10 for insecurity

China's Silver Fox spoofs medical imaging apps to hijack patients' computers

potential attack on water systems . ops platform

Malware variants that target operational tech systems are very rare – but 2 were found last year

Critical flaws in Mongoose library expose MongoDB to data thieves, code execution

Personal Tech

Dark mode might be burning more juice than you think

Microsoft shows off novel quantum chip that can scale to 'a million qubits'. So far: Eight

Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload

XCSSET macOS malware returns with first new version since 2022

Critical PostgreSQL bug tied to zero-day attack on US Treasury

North Korea targets crypto developers via NPM supply chain attack

Russia's Sandworm caught snarfing credentials, data from American and Brit orgs

Oxford researchers pull off quantum first with distributed gate teleportation

A smartly dressed office worker sits comfortably with their feet resting on a clean desk in a well-organized modern office. Their PC depicts an AI application . The worker appears relaxed as if they're savoring the luxury of having their workload handled by their digital counterpart, the overall atmosphere exuding a mix of productivity and relief at not having to work too hard

Some workers already let AI do the thinking for them, Microsoft researchers find

Offbeat

Eggheads crack the code for the perfect soft boil

Systems

Los Alamos lab to research next-gen chip technologies

CSO

Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'

Public Sector

Trump scrubs all mention of DEI, gender, climate change from federal websites

Canvassing apps used by UK political parties riddled with privacy, security issues

Systems

Tiny Linux kernel tweak could cut datacenter power use by 30%, boffins say

SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon

'Savvy' shortcuts produce near-instant speech-to-speech translation of 36 languages

AWS Re:Invent in Las Vegas, December 2024

Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

DNA sequencers found running ancient BIOS, posing risk to clinical research

Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed

Software

Futuristic face laid over program source code

AI can improve on code it writes, but you have to know how to ask

FireScam infostealer poses as Telegram Premium app to surveil Android devices

Twigstats software sheds light on mysteries of Europe's old-school migrators

Boffins trick AI model into giving up its secrets

Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks

Fully patched Cleo products under renewed 'zero-day-ish' mass attack

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

British boffins build diamond battery capable of working for a millennium or five

Data broker leaves 600K+ sensitive files exposed online

AI Software Development Week

First-ever UEFI bootkit for Linux in the works, experts say

We can clone you wholesale: Boffins build ML agents that respond like specific people