Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 8 most recent headlines Filtered view
Bank Info Security 4 months, 3 weeks ago

Android Malware Taps Google Gemini at Runtime

Researchers Say PromptSpy Automates Persistence on Infected DevicesA newly discovered Android malware strain, "PromptSpy," is using Google's Gemini generative artificial intelligence model to automate part of its persistence mechanism, marking what researchers describe as the second known case of AI-driven mobile malware.

Bank Info Security 4 months, 4 weeks ago

Massiv Attack: Android Trojan Targets IPTV Users

New Trojan May Soon Be Offered for Sale to Criminal UndergroundSecurity researchers warn of "Massiv," an Android Trojan - disguised as an IPTV app - targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft - and may soon be marketed on criminal underground forums as malware as a service.

Bank Info Security 4 months, 4 weeks ago

'Promptware' Attacks Await an Unprepared AI Industry

Researchers Say AI Prompt Injection Has Emerged As a Dangerous New Class of AttacksThe large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers now say feeding rogue instructions to an artificial intelligence system merits its own classification as "promptware."

Bank Info Security 4 months, 4 weeks ago

'Pomptware' Attacks Await an Unprepared AI Industry

Researchers Say AI Prompt Injection Has Emerged As a Dangerous New Class of AttacksThe large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers now say feeding rogue instructions to an artificial intelligence system merits its own classification as "promptware."

Malware Campaign Uses Lures With Positive Portrayal of Anti-Tehran ProtestsA new malware campaign is using a positive-sounding report into the recent protests in Iran, accompanied by real photos and videos, as lures in an apparent cyberespionage operation designed to conduct surveillance of dissident researchers and global communities, warn security researchers.

'Malicious Server Threat Model' Threatens 'Zero Knowledge Encryption' GuaranteesClaims by leading stand-alone password managers that their implementation of "zero knowledge encryption" means stored passwords can withstand the worst of hacker assaults are vastly overblown, say academic security researchers. They said vendors are in the process of patching the flaws they found.