research

Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool

A2, AI, Android, Artificial Intelligence, research, vulnerability /

Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool 2025-09-05 at 16:44 By Ionut Arghire Called A2, the framework mimics human analysis to identify vulnerabilities in Android applications and then validates them. The post Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool Read More »

Stealthy attack serves poisoned web pages only to AI agents

agentic AI, AI, Don't miss, Hot stuff, JFrog, News, prompt injection, research /

Stealthy attack serves poisoned web pages only to AI agents 2025-09-05 at 14:30 By Zeljka Zorz AI agents can be tricked into covertly performing malicious actions by websites that are hidden from regular users’ view, JFrog AI architect Shaked Zychlinski has found. This novel approach allows attackers to inject prompts / instructions into these autonomous

Stealthy attack serves poisoned web pages only to AI agents Read More »

Can AI agents catch what your SOC misses?

Artificial Intelligence, cybersecurity, Don't miss, Features, framework, Hot stuff, network monitoring, News, open source, research, security operations, SOC /

Can AI agents catch what your SOC misses? 2025-09-02 at 10:45 By Mirko Zorz A new research project called NetMoniAI shows how AI agents might reshape network monitoring and security. Developed by a team at Texas Tech University, the framework brings together two ideas: distributed monitoring at the edge and AI-driven analysis at the center.

Can AI agents catch what your SOC misses? Read More »

KillChainGraph: Researchers test machine learning framework for mapping attacker behavior

CISO, cyber resilience, cybersecurity, Don't miss, Features, framework, Hot stuff, machine learning, MITRE ATT&CK, News, OWASP, reconnaissance, research, security operations, SOC /

KillChainGraph: Researchers test machine learning framework for mapping attacker behavior 2025-09-01 at 09:21 By Mirko Zorz A team of researchers from Frondeur Labs, DistributedApps.ai, and OWASP has developed a new machine learning framework designed to help defenders anticipate attacker behavior across the stages of the Cyber Kill Chain. The work explores how machine learning models

KillChainGraph: Researchers test machine learning framework for mapping attacker behavior Read More »

New framework aims to outsmart malware evasion tricks

Aryaka, cybersecurity, Don't miss, Features, framework, Hot stuff, machine learning, Malware, News, research /

New framework aims to outsmart malware evasion tricks 2025-08-29 at 10:03 By Mirko Zorz Attackers have learned how to trick machine learning malware detectors with small but clever code changes, and researchers say they may finally have an answer. In a new paper, academics from Inria and the CISPA Helmholtz Center for Information Security describe

New framework aims to outsmart malware evasion tricks Read More »

ScamAgent shows how AI could power the next wave of scam calls

Artificial Intelligence, CISO, cybercrime, Don't miss, Features, Hot stuff, News, Qualys, research, scams /

ScamAgent shows how AI could power the next wave of scam calls 2025-08-28 at 09:03 By Mirko Zorz Scam calls have long been a problem for consumers and enterprises, but a new study suggests they may soon get an upgrade. Instead of a human scammer on the other end of the line, future calls could

ScamAgent shows how AI could power the next wave of scam calls Read More »

AI Security Map: Linking AI vulnerabilities to real-world impact

AppOmni, Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, research, Vectra AI /

AI Security Map: Linking AI vulnerabilities to real-world impact 2025-08-27 at 09:40 By Mirko Zorz A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first step. The real risk comes from how quickly one weakness in an AI

AI Security Map: Linking AI vulnerabilities to real-world impact Read More »

LLMs at the edge: Rethinking how IoT devices talk and act

Artificial Intelligence, Don't miss, Features, Hot stuff, IEEE, Internet of Things, LLMs, networking, News, research, smart home, Sumo Logic /

LLMs at the edge: Rethinking how IoT devices talk and act 2025-08-26 at 08:01 By Mirko Zorz Anyone who has set up a smart home knows the routine: one app to dim the lights, another to adjust the thermostat, and a voice assistant that only understands exact phrasing. These systems call themselves smart, but in

LLMs at the edge: Rethinking how IoT devices talk and act Read More »

Why a new AI tool could change how we test insider threat defenses

Artificial Intelligence, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, Insider Threat, LLMs, News, research, Risk Management /

Why a new AI tool could change how we test insider threat defenses 2025-08-25 at 09:04 By Mirko Zorz Insider threats are among the hardest attacks to detect because they come from people who already have legitimate access. Security teams know the risk well, but they often lack the data needed to train systems that

Why a new AI tool could change how we test insider threat defenses Read More »

Password Managers Vulnerable to Data Theft via Clickjacking

Data Protection, password manager, research, Vulnerabilities, vulnerability /

Password Managers Vulnerable to Data Theft via Clickjacking 2025-08-21 at 15:18 By Eduard Kovacs A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks. The post Password Managers Vulnerable to Data Theft via Clickjacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Password Managers Vulnerable to Data Theft via Clickjacking Read More »

Using lightweight LLMs to cut incident response times and reduce hallucinations

Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, LLMs, News, research, security operations, strategy, Threat Intelligence, tips /

Using lightweight LLMs to cut incident response times and reduce hallucinations 2025-08-21 at 09:03 By Mirko Zorz Researchers from the University of Melbourne and Imperial College London have developed a method for using LLMs to improve incident response planning with a focus on reducing the risk of hallucinations. Their approach uses a smaller, fine-tuned LLM

Using lightweight LLMs to cut incident response times and reduce hallucinations Read More »

Android VPN apps used by millions are covertly connected AND insecure

Android, Don't miss, Hot stuff, mobile apps, News, Privacy, research, VPN /

Android VPN apps used by millions are covertly connected AND insecure 2025-08-19 at 17:07 By Zeljka Zorz Three families of Android VPN apps, with a combined 700 million-plus Google Play downloads, are secretly linked, according to a group of researchers from Arizona State University and Citizen Lab. Finding the secret links Virtual private networks (VPNs)

Android VPN apps used by millions are covertly connected AND insecure Read More »

New Research Links VPN Apps, Highlights Security Deficiencies

Privacy, research, VPN /

New Research Links VPN Apps, Highlights Security Deficiencies 2025-08-19 at 12:17 By Ionut Arghire Citizen Lab has identified links between multiple VPN providers, and multiple security weaknesses in their mobile applications. The post New Research Links VPN Apps, Highlights Security Deficiencies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

New Research Links VPN Apps, Highlights Security Deficiencies Read More »

What happens when penetration testing goes virtual and gets an AI coach

Artificial Intelligence, Don't miss, Features, framework, Hot stuff, News, penetration testing, research, Sectigo, skill development, training /

What happens when penetration testing goes virtual and gets an AI coach 2025-08-19 at 09:32 By Mirko Zorz Cybersecurity training often struggles to match the complexity of threats. A new approach combining digital twins and LLMs aims to close that gap. Researchers from the University of Bari Aldo Moro propose using Cyber Digital Twins (CDTs)

What happens when penetration testing goes virtual and gets an AI coach Read More »

New NIST guide explains how to detect morphed images

authentication, cybercrime, Don't miss, how-to, News, NIST, research, scams, tips /

New NIST guide explains how to detect morphed images 2025-08-18 at 18:00 By Sinisa Markovic Face morphing software can blend two people’s photos into one image, making it possible for someone to fool identity checks at buildings, airports, borders, and other secure places. These morphed images can trick face recognition systems into linking the photo

New NIST guide explains how to detect morphed images Read More »

Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking

bus, car hacking, IoT Security, research /

Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking 2025-08-09 at 14:00 By Eduard Kovacs Researchers showed how flaws in a bus’ onboard and remote systems can be exploited by hackers for tracking, control and spying.  The post Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from

Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking Read More »

New AI model offers faster, greener way for vulnerability detection

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, research, vulnerability assessment /

New AI model offers faster, greener way for vulnerability detection 2025-07-31 at 08:33 By Mirko Zorz A team of researchers has developed a new AI model, called White-Basilisk, that detects software vulnerabilities more efficiently than much larger systems. The model’s release comes at a time when developers and security teams face mounting pressure to secure

New AI model offers faster, greener way for vulnerability detection Read More »

Machine unlearning gets a practical privacy upgrade

cybersecurity, Don't miss, EU, Europe, Features, Hot stuff, machine learning, News, Privacy, research /

Machine unlearning gets a practical privacy upgrade 2025-07-17 at 09:08 By Mirko Zorz Machine learning models are everywhere now, from chatbots to credit scoring tools, and they carry traces of the data they were trained on. When someone asks to have their personal data erased under laws like the GDPR, their data also needs to

Machine unlearning gets a practical privacy upgrade Read More »

AsyncRAT evolves as ESET tracks its most popular malware forks

cybercrime, cybersecurity, Don't miss, ESET, Keylogger, Malware, News, Remote Access Trojan, research, trojan /

AsyncRAT evolves as ESET tracks its most popular malware forks 2025-07-15 at 12:50 By Sinisa Markovic AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, credential theft, and more. Its simplicity and open-source design have made it

AsyncRAT evolves as ESET tracks its most popular malware forks Read More »

Train Hack Gets Proper Attention After 20 Years: Researcher 

ICS/OT, OT, railway, research, train /

Train Hack Gets Proper Attention After 20 Years: Researcher  2025-07-14 at 18:22 By Eduard Kovacs A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake.  The post Train Hack Gets Proper Attention After 20 Years: Researcher  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Train Hack Gets Proper Attention After 20 Years: Researcher  Read More »

Scroll to Top