Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog – Page 4

Get the latest international news and world events from around the world.

Log in for authorized contributors

‘Near-misses’ in particle accelerators can illuminate new physics, study finds

Particle accelerators reveal the heart of nuclear matter by smashing together atoms at close to the speed of light. The high-energy collisions produce a shower of subatomic fragments that scientists can then study to reconstruct the core building blocks of matter.

An MIT-led team has now used the world’s most powerful particle accelerator to discover new properties of matter, through particles’ “near-misses.” The approach has turned the particle accelerator into a new kind of microscope—and led to the discovery of new behavior in the forces that hold matter together.

In a study appearing this week in the journal Physical Review Letters, the team reports results from the Large Hadron Collider (LHC)—a massive underground, ring-shaped accelerator in Geneva, Switzerland. Rather than focus on the accelerator’s particle collisions, the MIT team searched for instances when particles barely glanced by each other.

DNA shape explains crucial gene-therapy challenges

CRISPR is a powerful DNA-editing tool that has underpinned huge advancements in human health care in the last decade. It is a precision tool, but is not perfect, and misplaced DNA edits can compromise safety and efficacy, costing billions each year. Researchers at the MRC Laboratory of Medical Sciences (LMS), Imperial College London and the University of Sheffield have published research in Nature showing that the physical twisting of DNA plays an important role in these mistakes. Using a newly developed platform of tiny (nanometer-sized) DNA circles, called DNA minicircles, the team captured never-before-seen interactions between CRISPR and DNA, providing insights that could help eradicate errors altogether.

CRISPR-Cas9 has transformed biology by giving scientists a programmable way to cut and edit DNA. Its ever-growing impact includes groundbreaking therapies for genetic diseases such as sickle cell anemia and an increasing role in personalized cancer treatment and rapid diagnostics. But even carefully designed CRISPR systems can sometimes cut DNA sequences that were not the intended targets.

“It’s a tool that is not perfect and can introduce errors and make edits where it shouldn’t make them,” says Professor David Rueda, head of the Single Molecule Imaging group at the LMS and Chair in Molecular and Cellular Biophysics at Imperial College London. “And it’s an important problem for the industry. It’s been estimated to be $0.3 to $0.9 billions per year in industry costs, in profiling off-targets, redesigning guides and delays.”

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks

That’s where things get shaky. A control exists, so it’s assumed to work. A detection rule is active, so it’s expected to catch something. But very few teams are consistently testing how all of this holds up when someone is actively trying to break through, step by step.

This is exactly the gap this webinar focuses on.

Exposure-Driven Resilience: Automate Testing to Validate & Improve Your Security Posture is a practical session built around one idea: stop guessing, start proving. Instead of relying on occasional testing or assumptions, it shows how to validate your security posture continuously using real attacker behavior.

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Specifically, the XSS vulnerability enables the execution of arbitrary JavaScript code in the context of “a-cdn.claude[.]ai.” A threat actor could leverage this behavior to inject JavaScript that issues a prompt to the Claude extension.

The extension, for its part, allows the prompt to land in Claude’s sidebar as if it’s a legitimate user request simply because it comes from an allow-listed domain.

“The attacker’s page embeds the vulnerable Arkose component in a hidden, sends the XSS payload via postMessage, and the injected script fires the prompt to the extension,” Yomtov explained. “The victim sees nothing.”

TikTok for Business accounts targeted in new phishing campaign

Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages.

TikTok Business accounts may be targeted due to their high potential for abuse in malvertising campaigns, ad fraud, and the distribution of malicious content.

Browser threat detection and response company Push Security links the campaign to one documented last year, which targeted Google Ad Manager accounts.

WhatsApp rolls out more AI features, iOS multi-account support

WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support for two accounts on iOS, and chat history transfer between iOS and Android devices.

Meta said that after the new updates, users will be able to touch up images in the chat before sharing them with contacts or in groups using Meta AI.

The Writing Help feature enables users to quickly draft a response based on the active conversation, with Meta saying it uses Private Processing to ensure messages are completely private.

/* */