Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

21 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 20 most recent headlines of 21 Filtered view
Bank Info Security 8 months, 2 weeks ago

ClickFix Infrastructure Surprises Inform Better Blocking

Big Crossover Found Between ClickFix and Adversary-in-the-Middle InfrastructureTracking how cybercriminals and their service providers use malicious infrastructure can give defenders an edge for blocking their targeting. New research spotted a massive crossover between IP addresses used for both ClickFix and adversary-in-the-middle attacks.

Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers' machines

Bank Info Security 8 months, 2 weeks ago

Securing EMV: 'More Is Less' for Security, Researchers Find

Add-On EMV Features Put Merchants at Risk to High-Charging 'Free Lunch' CrooksVariations in how EMV ecosystem players implement the standard, as well as a bevy of features they've bolted on - transit modes, offline payment restrictions - have been "overloading" the specification and introducing exploitable vulnerabilities, warn a team of researchers.

A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment (TEE) in a computer's main processor, including Intel's Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) and AMD's Secure Encrypted Virtualization with Secure

Research submitted to Parliament details deaths, raids, and mental trauma linked to 2022 relocation leak Research submitted to the UK Parliament has revealed explicit threats to life and the deaths of family members and colleagues directly linked to the Ministry of Defence's 2022 Afghan relocation scheme data breach.…

Bank Info Security 8 months, 2 weeks ago

Infosecurity Europe 2025: Securing an Uncertain World

Compendium Features Dozens of In-Depth Interviews With CEOs, CISOs and ResearchersWelcome to Information Security Media Group's Infosecurity Europe 2025 Compendium featuring cybersecurity insights from industry's top researchers, CEOs, CISOs, government leaders and more. Inside this guide, you'll find links to video interviews created by ISMG.Studio.

Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code

Loading more headlines...