research

AI security risks are also cultural and developmental

AI security risks are also cultural and developmental 2026-01-05 at 08:32 By Anamarija Pogorelec Security teams spend much of their time tracking vulnerabilities, abuse patterns, and system failures. A new study argues that many AI risks sit deeper than technical flaws. Cultural assumptions, uneven development, and data gaps shape how AI systems behave, where they […]

AI security risks are also cultural and developmental Read More »

Radio signals could give attackers a foothold inside air-gapped devices

Radio signals could give attackers a foothold inside air-gapped devices 2025-12-30 at 09:25 By Sinisa Markovic Air-gapped systems are meant to stay quiet. Remove network ports, lock down inputs, and the device should have nothing to hear. A new study shows that this breaks down when software control is lost. Embedded devices with no radios

Radio signals could give attackers a foothold inside air-gapped devices Read More »

LLMs are automating the human part of romance scams

LLMs are automating the human part of romance scams 2025-12-29 at 09:03 By Sinisa Markovic Romance scams succeed because they feel human. New research shows that feeling no longer requires a person on the other side of the chat. The three stages of a romance-baiting scam Romance scams depend on scripted conversation Romance baiting scams

LLMs are automating the human part of romance scams Read More »

LLMs can assist with vulnerability scoring, but context still matters

LLMs can assist with vulnerability scoring, but context still matters 2025-12-26 at 08:26 By Sinisa Markovic Every new vulnerability disclosure adds another decision point for already stretched security teams. A recent study explores whether LLMs can take on part of that burden by scoring vulnerabilities at scale. While the results show promise in specific areas,

LLMs can assist with vulnerability scoring, but context still matters Read More »

What if your face could say “don’t record me”? Researchers think it’s possible

What if your face could say “don’t record me”? Researchers think it’s possible 2025-12-24 at 10:01 By Sinisa Markovic Phones, smart glasses, and other camera-equipped devices capture scenes that include people who never agreed to be recorded. A newly published study examines what it would take for bystanders to signal their privacy choices directly to

What if your face could say “don’t record me”? Researchers think it’s possible Read More »

Counterfeit defenses built on paper have blind spots

Counterfeit defenses built on paper have blind spots 2025-12-24 at 08:17 By Anamarija Pogorelec Counterfeit protection often leans on the idea that physical materials have quirks no attacker can copy. A new study challenges that comfort by showing how systems built on paper surface fingerprints can be disrupted or bypassed. The research comes from teams

Counterfeit defenses built on paper have blind spots Read More »

Formal proofs expose long standing cracks in DNSSEC

Formal proofs expose long standing cracks in DNSSEC 2025-12-23 at 09:41 By Sinisa Markovic DNSSEC is meant to stop attackers from tampering with DNS answers. It signs records so resolvers can verify that data is authentic and unchanged. Many security teams assume that if DNSSEC validation passes, the answer can be trusted. New academic research

Formal proofs expose long standing cracks in DNSSEC Read More »

Weak enforcement keeps PCI DSS compliance low

Weak enforcement keeps PCI DSS compliance low 2025-12-23 at 09:41 By Sinisa Markovic Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing that PCI DSS compliance trails behind HIPAA, GDPR, and the EU’s NIS2 Directive. A compliance gap that

Weak enforcement keeps PCI DSS compliance low Read More »

Browser agents don’t always respect your privacy choices

Browser agents don’t always respect your privacy choices 2025-12-22 at 08:49 By Sinisa Markovic Browser agents promise to handle online tasks without constant user input. They can shop, book reservations, and manage accounts by driving a web browser through an AI model. A new academic study warns that this convenience comes with privacy risks that

Browser agents don’t always respect your privacy choices Read More »

LLMs work better together in smart contract audits

LLMs work better together in smart contract audits 2025-12-19 at 08:42 By Sinisa Markovic Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models can spot more of those flaws when they work in coordinated groups instead of

LLMs work better together in smart contract audits Read More »

Privacy risks sit inside the ads that fill your social media feed

Privacy risks sit inside the ads that fill your social media feed 2025-12-18 at 08:34 By Sinisa Markovic Regulatory limits on explicit targeting have not stopped algorithmic profiling on the web. Ad optimization systems still adapt which ads appear based on users’ private attributes. At the same time, multimodal LLMs have lowered the barrier for

Privacy risks sit inside the ads that fill your social media feed Read More »

Should AI access be treated as a civil right across generations?

Should AI access be treated as a civil right across generations? 2025-12-18 at 08:10 By Sinisa Markovic AI use is expanding faster than the infrastructure that supports it, and that gap is starting to matter for security, resilience, and access. A new position paper argues that access to AI should be treated as an intergenerational

Should AI access be treated as a civil right across generations? Read More »

Why vulnerability reports stall inside shared hosting companies

Why vulnerability reports stall inside shared hosting companies 2025-12-17 at 09:24 By Mirko Zorz Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what happens after those reports arrive and explains why remediation so often stops short. The research

Why vulnerability reports stall inside shared hosting companies Read More »

Banks built rules for yesterday’s crime and RegTech is trying to fix that

Banks built rules for yesterday’s crime and RegTech is trying to fix that 2025-12-17 at 08:32 By Sinisa Markovic Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with schemes that shift through accounts, intermediaries, and digital

Banks built rules for yesterday’s crime and RegTech is trying to fix that Read More »

AI might be the answer for better phishing resilience

AI might be the answer for better phishing resilience 2025-12-16 at 08:44 By Sinisa Markovic Phishing is still a go-to tactic for attackers, which is why even small gains in user training are worth noticing. A recent research project from the University of Bari looked at whether LLMs can produce training that helps people spot

AI might be the answer for better phishing resilience Read More »

How researchers are teaching AI agents to ask for permission the right way

How researchers are teaching AI agents to ask for permission the right way 2025-12-15 at 09:06 By Mirko Zorz People are starting to hand more decisions to AI agents, from booking trips to sorting digital files. The idea sounds simple. Tell the agent what you want, then let it work through the steps. The hard

How researchers are teaching AI agents to ask for permission the right way Read More »

What 35 years of privacy law say about the state of data protection

What 35 years of privacy law say about the state of data protection 2025-12-12 at 09:52 By Anamarija Pogorelec Privacy laws have expanded around the world, and security leaders now work within a crowded field of requirements. New research shows that these laws provide stronger rights and duties, but the protections do not always translate

What 35 years of privacy law say about the state of data protection Read More »

LLM privacy policies keep getting longer, denser, and nearly impossible to decode

LLM privacy policies keep getting longer, denser, and nearly impossible to decode 2025-12-12 at 08:30 By Sinisa Markovic People expect privacy policies to explain what happens to their data. What users get instead is a growing wall of text that feels harder to read each year. In a new study, researchers reviewed privacy policies for

LLM privacy policies keep getting longer, denser, and nearly impossible to decode Read More »

LLM vulnerability patching skills remain limited

LLM vulnerability patching skills remain limited 2025-12-11 at 08:47 By Sinisa Markovic Security teams are wondering whether LLMs can help speed up patching. A new study tests that idea and shows where the tools hold up and where they fall short. The researchers tested LLMs from OpenAI, Meta, DeepSeek, and Mistral to see how well

LLM vulnerability patching skills remain limited Read More »

The hidden dynamics shaping who produces influential cybersecurity research

The hidden dynamics shaping who produces influential cybersecurity research 2025-12-10 at 08:52 By Mirko Zorz Cybersecurity leaders spend much of their time watching how threats and tools change. A new study asks a different question, how has the research community itself changed over the past two decades. Researchers from the University of Southampton examined two

The hidden dynamics shaping who produces influential cybersecurity research Read More »

Scroll to Top