Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 13 most recent headlines Filtered view
Bank Info Security 2 years, 3 months ago

ShadowRay Attack Strikes AI Workloads

Thousands of AI Workloads Compromised Amid CVE Vulnerability DisputeAn active attack campaign dubbed ShadowRay is targeting the widely used Ray open-source artificial intelligence scaling framework. It stems from a vulnerability that researchers say is a flaw but that Ray's developers say is a deliberate design choice.

Bank Info Security 2 years, 3 months ago

Hackers Developing Malicious LLMs After WormGPT Falls Flat

Crooks Are Recruiting AI Experts to Jailbreak Existing LLM GuardrailsCybercrooks are exploring ways to develop custom, malicious large language models after existing tools such as WormGPT failed to cater to their demands for advanced intrusion capabilities, security researchers say. Undergrounds forums teem with hackers' discussions about how to exploit guardrails.

Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining

Bank Info Security 2 years, 3 months ago

iSoon Leak Shows Links to Chinese APT Groups

The Firm Is Operating Alongside RedHotel, RedAlpha and Poison CarpChinese hacking contractor iSoon supported three separate cyberespionage operations on behalf of Beijing, say security researchers who analyzed a leaked data trove belonging to the firm. Details of the inside workings of the previously obscure Chinese hacking-for-hire firm emerged in February.

Bank Info Security 2 years, 3 months ago

Report Urges Congress to Form an Armed Cyber Military Branch

Research Shows Military Suffers From Disjointed Cyber Operations Amid New ThreatsThe Foundation for Defense of Democracies on Monday released a white paper that urges Congress to establish a seventh military branch to serve as an independent armed cyber service amid growing threats in cyberspace from foreign adversaries such as Russia and China.