I recently attended the AI Engineer Code Summit in New York, an invite-only gathering of AI leaders and engineers. One theme emerged repeatedly in conversations with attendees building with AI: the …
AI Security Roundup
Daily feed of AI security, malware, and defensive research updates.
Go’s arithmetic operations on standard integer types are silent by default, meaning overflows “wrap around” without panicking. This behavior has hidden an entire class of security vulnerabilities from …
With browser-embedded AI agents, we’re essentially starting the security journey over again. We exploited a lack of isolation mechanisms in multiple agentic browsers to perform attacks ranging from …
Software signatures carry an invisible expiration date. The container image or firmware you sign today might be deployed for 20 years, but the cryptographic signature protecting it may become …
Last year, our engineers submitted over 375 pull requests that were merged into non–Trail of Bits repositories, touching more than 90 projects from cryptography libraries to the Rust compiler. This …
Preface Hello from the future! This is a blogpost I originally drafted in early 2017. I wrote what I intended to be the first half of this post (about escaping from the VM to the VirtualBox host …
While on Project Zero, we aim for our research to be leading-edge, our blog design was ⦠not so much. We welcome readers to our shiny new blog! For the occasion, we asked members of Project Zero to …
Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click …
With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec …
While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our experience finding, reporting and exploiting …
A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection . The goal of this feature is to replace User Account Control (UAC) with a more robust and …
In the first part of this series , I detailed my journey into macOS security research, which led to the discovery of a type confusion vulnerability ( CVE-2024-54529 ) and a double-free vulnerability ( …
In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didnât exist. I described one of the ways I was …
The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a …
Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes . …
Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft’s most-dire “critical” …
A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to …
iPhone Lockdown Mode Protects Washington Post Reporter 404Media is reporting that the FBI could not access a reporter’s iPhone because it had Lockdown Mode enabled: The court record shows what devices …
LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days This is amazing : Opus 4.6 is notably better at finding high-severity vulnerabilities than previous models and a sign of …
I Am in the Epstein Files Once . Someone named “Vincenzo lozzo” wrote to Epstein in email, in 2016: “I wouldn’t pay too much attention to this, Schneier has a long tradition of dramatizing and …
Friday Squid Blogging: Squid Fishing Tips This is a video of advice for squid fishing in Puget Sound. As usual, you can also use this squid post to talk about the security stories in the news that I …
AI-Generated Text and the Detection Arms Race In 2023, the science fiction literary magazine Clarkesworld stopped accepting new submissions because so many were generated by artificial intelligence. …
Rewiring Democracy Ebook is on Sale I just noticed that the ebook version of Rewriring Democracy is on sale for $5 on Amazon , Apple Books , Barnes & Noble , Books A Million , Google Play , Kobo , …
Prompt Injection Via Road Signs Interesting research: “ CHAI: Command Hijacking Against Embodied AI .” Abstract: Embodied Artificial Intelligence (AI) promises to handle edge cases in robotic vehicle …
** Ravie Lakshmanan ** Feb 11, 2026 Cyber Espionage / Threat Intelligence Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to …