Security news aggregator

Latest coverage for Side-Channel

Side-channel attacks infer sensitive data from unintended signals such as timing, power use, or electromagnetic emissions, bypassing logical defenses.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Side-channel attacks infer secrets from indirect physical or behavioral signals produced while a system operates, rather than from the intended output alone. Useful signals can include execution time, CPU-cache behavior, power use, electromagnetic emissions, or sound. In practice, attackers may measure many operations and use statistical analysis to recover cryptographic keys or distinguish sensitive data, especially when they can run code near a target or obtain physical access to a device.

The main concern is unintended information leakage from cryptographic libraries, processors, smart cards, mobile and embedded devices, and shared computing environments. Risk reduction includes constant-time implementations, masking or blinding that makes intermediate values less useful, limiting co-residency and access to high-resolution measurements, and shielding or filtering hardware where appropriate. Security testing should measure actual leakage rather than assume encryption alone prevents it; vulnerability management should also account for affected processor designs, libraries, and device models. Exposure and feasible attacker access determine whether a side channel is a practical threat.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view

Encryption protects content, not context Mischief-makers can guess the subjects being discussed with LLMs using a side-channel attack, according to Microsoft researchers. They told The Register that models from some providers, including Anthropic, AWS, DeepSeek, and Google, haven't been fixed, putting both personal users and enterprise communications at risk.…

AMD Zen hardware and Intel Coffee Lake affected If you thought the world was done with side-channel CPU attacks, think again. ETH Zurich has identified yet another Spectre-based transient execution vulnerability that affects AMD Zen CPUs and Intel Coffee Lake processors by breaking virtualization boundaries.…

It's another cousin of Spectre, here to read your email, browsing history, and more Many recent Apple laptops, desktops, tablets, and phones powered by Cupertino's homegrown Silicon processors can be exploited to reveal email content, browsing behavior, and other sensitive data through two newly identified side-channel attacks on Chrome and Safari.…

ALSO: Roblox-themed infostealer on the prowl, telco insider pleads guilty to swapping SIMs, and some crit vulns in brief Almost as quickly as a paper came out last week revealing an AI side-channel vulnerability, Cloudflare researchers have figured out how to solve it: just obscure your token size.…

Also: Your Salesforce Community site might be leaking; a new CPU side-channel; and this week's critical vunls in brief You may have heard news this week that Google is finally updating its authenticator app to add Google account synchronization. Before you rush to ensure your two-factor secrets are safe in the event you lose your device, take heed: The sync process isn't end-to-end encrypted.…