Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security – Page 2

A team of researchers from University of Toronto Engineering has discovered hidden multi-dimensional side channels in existing quantum communication protocols.

The new side channels arise in quantum sources, which are the devices that generate the —typically photons—used to send secure messages. The finding could have important implications for quantum security.

“What makes quantum communication more secure than classical communication is that it makes use of a property of quantum mechanics known as conjugate states,” says Ph.D. student Amita Gnanapandithan, lead author on a paper published in Physical Review Letters.

Read more | >

Nuclear fusion is a source of great hope for future energy security, with this field being explored in research reactors around the world. Accurately detecting their performance requires measurement systems that supply valid data even under extreme conditions. And the centerpiece of those systems are the bolometers from the Fraunhofer Institute for Microengineering and Microsystems IMM. Experts from the institute will be presenting their sophisticated sensors at the joint Fraunhofer booth (Hall 2, Booth B24) at this year’s Hannover Messe trade show from March 31 to April 4.

Fusion technology could be the solution to the increasing energy needs of the growing global population, but it is a highly demanding technology. The current challenge is to carry out experiments that produce more energy than they consume. To accurately capture advances in this field, specialists need exceptionally sensitive measuring instruments to analyze and control the complex processes taking place inside the reactors. Determining how much power is emitted from the fusion plasma is crucial to this.

Read more | >

Hackers are utilizing the WordPress mu-plugins (“Must-Use Plugins”) directory to stealthily run malicious code on every page while evading detection.

The technique was first observed by security researchers at Sucuri in February 2025, but adoption rates are on the rise, with threat actors now utilizing the folder to run three distinct types of malicious code.

“The fact that we’ve seen so many infections inside mu-plugins suggests that attackers are actively targeting this directory as a persistent foothold,” explains Sucuri’s security analyst Puja Srivastava.

Read more | >

Three security bypasses have been discovered in Ubuntu Linux’s unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components.

The issues allow local unprivileged users to create user namespaces with full administrative capabilities and impact Ubuntu versions 23.10, where unprivileged user namespaces restrictions are enabled, and 24.04 which has them active by default.

Linux user namespaces allow users to act as root inside an isolated sandbox (namespace) without having the same privileges on the host.

Read more | >

Microsoft has removed the ‘BypassNRO.cmd’ script from Windows 11 preview builds, which allowed users to bypass the requirement to use a Microsoft Account when installing the operating system.

This change was introduced in the latest Windows 11 Insider Dev preview build, which means it will likely be coming to production builds.

“We’re removing the bypassnro.cmd script from the build to enhance security and user experience of Windows 11,” reads the Windows 11 Insider Preview Build 26200.5516 release notes.

Read more | >

AI agents need two things to succeed in this space: infinite scalability and the ability to connect agents from different blockchains. Without the former, agents do not have infrastructure with sufficient capacity to transact. Without the latter, agents would be off on their own island blockchains, unable to truly connect with each other. As agent actions become more complex on chain, more of their data will also have to live on the ledger, making optimizing for both of these factors important right now.

Because of all of this, I believe the next frontier of AI agents on blockchains is in gaming, where their training in immersive worlds will inevitably lead to more agentic behavior crossing over to non-gaming consumer spaces.

If the future of autonomous consumer AI agents sounds scary, it is because we have not yet had a way to independently verify LLM training models or the actions of AI agents so far. Blockchain provides the necessary transparency and transaction security so that this inevitable phenomenon can operate on safer rails. I believe the final home for these AI agents will be Web3.

Read more | >

Our machines will be smart enough and eventually we will through intelligence enhancement.

For over a century, Einstein’s theories have been the bedrock of modern physics, shaping our understanding of the universe and reality itself. But what if everything we thought we knew was just the surface of a much deeper truth? In February 2025, at Google’s high-security Quantum A-I Campus in Santa Barbara, a team of scientists gathered around their latest creation — a quantum processor named Willow. What happened next would leave even Neil deGrasse Tyson, one of the world’s most renowned astrophysicists, in tears. This is the story of how a cutting-edge quantum chip opened a door that many thought would remain forever closed, challenging our most fundamental beliefs about the nature of reality. This is a story you do not want to miss.

Read more | >

Whether it’s CRMs, project management tools, payment processors, or lead management tools — your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more.

A new report, Understanding SaaS Security Risks: Why CASB Solutions Fail to Cover ‘Shadow’ SaaS and SaaS Governance, highlighting the pressing security challenges faced by enterprises using SaaS applications. The research underscores the growing inefficacy of traditional CASB solutions and introduces a revolutionary browser-based approach to SaaS security that ensures full visibility and real-time protection against threats.

Below, we bring the main highlights of the report. Read the full report here.

Read more | >

Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor’s cloud platform.

The potential impact of the security problems has been assessed as severe because they could be used in attacks that could at least influence grid stability, and affect user privacy.

In a grimmer scenario, the vulnerabilities could be exploited to disrupt or damage power grids by creating an imbalance between power generation and demand.

Read more | >