Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 20 most recent headlines of 22 Filtered view

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution

Trend Micro Research, News and Perspectives 5 months, 1 week ago

Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants

OpenClaw (aka Clawdbot or Moltbot) represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradigm.

Bank Info Security 5 months, 1 week ago

How SCSU Is Rebuilding Campus Technology for the AI Era

Southern Connecticut State University CIO Tom Armstrong on Modernization PrioritiesLike other schools, Southern Connecticut State University is under pressure to modernize legacy systems, strengthen security and adopt AI. CIO Tom Armstrong must balance expanding research ambitions, student expectations and operational efficiency in an increasingly complex risk environment.

Bank Info Security 5 months, 1 week ago

How SCSU Is Rebuilding Campus Technology for the AI Era

Southern Connecticut State University CIO Tom Armstrong on Modernization PrioritiesLike other schools, Southern Connecticut State University is under pressure to modernize legacy systems, strengthen security and adopt AI. CIO Tom Armstrong must balance expanding research ambitions, student expectations and operational efficiency in an increasingly complex risk environment.

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux machines, and yet the in-the-wild attacks still haven't received the "broad public acknowledgement" that they should, according to security researchers.…

Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built into Docker Desktop and the Docker Command-Line Interface (CLI), that could be exploited to execute code and exfiltrate sensitive data

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called Lotus Blossom (aka Lotus Panda, Billbug), which abused weaknesses in the update infrastructure to gain a foothold in high-value targets by delivering a newly identified backdoor dubbed Chrysalis.…

Loading more headlines...