https://winbuzzer.com/2025/11/10/microsoft-uncovers-whisper-leak-flaw-exposing-encrypted-ai-chats-across-28-llms-xcxwbn

Microsoft Uncovers 'Whisper Leak' Flaw, Exposing Encrypted AI Chats Across 28 LLMs

#AI #AISecurity #Cybersecurity #Microsoft #Privacy #Encryption #DataPrivacy #LLMs #SideChannelAttack #InfoSec #WhisperLeak

Did you hear? Hackers can now steal your 2FA codes pixel by pixel on Android—even bypassing recent security patches. Your phone's own screen might be revealing more than you think. Find out how this tech twist threatens our security.

https://thedefendopsdiaries.com/pixnapping-how-a-new-android-side-channel-attack-steals-2fa-codes-pixel-by-pixel/

#pixnapping
#androidsecurity
#sidechannelattack
#2fa
#cyberthreats

Hackers can steal 2FA codes and private messages from Android phones. The "Pixnapping" attack is a really clever piece of research. It shows that the theoretical wall between apps on your phone isn't as solid as we'd like to believe. By exploiting a GPU side channel, a malicious app with zero permissions can effectively screenshot other apps, one pixel at a time. It's a reminder that security is a stack, and a vulnerability at the hardware level can undermine everything built on top of it.

TL;DR
👾 A new attack called "Pixnapping" can read visual data from other apps on Android devices.
🔑 It exploits a GPU side-channel leak to steal sensitive info like 2FA codes and messages, pixel by pixel.
⚠️ The scary part: the malicious app required for the attack needs zero special permissions to be granted.
🧠 While complex to pull off, this is a serious proof of concept that challenges the core idea of OS app sandboxing.

https://arstechnica.com/security/2025/10/no-fix-yet-for-attack-that-lets-hackers-pluck-2fa-codes-from-android-phones/
#Android #Cybersecurity #SideChannelAttack #2FA #security #privacy #cloud #infosec

🚨 Threat Alert: WireTap Attack on Intel SGX Servers

Physical attacks can now compromise SGX enclaves using a low-cost DIY setup (<$1,000). Attackers can extract cryptographic keys, forge enclaves, and threaten blockchain/Web3 networks and confidential computation.

Mitigation considerations:
🛡 Restrict physical server access
🔑 Review SGX-dependent systems in blockchain & Web3
💡 Monitor for suspicious DRAM bus activity

#WireTap #IntelSGX #HardwareSecurity #CyberSecurity #SideChannelAttack #BlockchainSecurity #Web3 #ServerSecurity #Infosec

🚨 Threat Alert: WireTap Attack on Intel SGX Servers

Physical attacks can now compromise SGX enclaves using a low-cost DIY setup (<$1,000). Attackers can extract cryptographic keys, forge enclaves, and threaten blockchain/Web3 networks and confidential computation.

Mitigation considerations:
🛡 Restrict physical server access
🔑 Review SGX-dependent systems in blockchain & Web3
💡 Monitor for suspicious DRAM bus activity

#WireTap #IntelSGX #HardwareSecurity #CyberSecurity #SideChannelAttack #BlockchainSecurity #Web3 #ServerSecurity

Lamphone is a clever, optical, side-channel attack that can turn a simple lightbulb into a makeshift microphone. It works because the filament inside a lightbulb subtly vibrates in response to sound waves, like someone talking. These tiny vibrations change the amount of light the bulb emits. By pointing a light sensor or photodiode at the bulb from a distance, a lamphone attack can detect these variations in brightness and convert them back into audio signals, effectively “listening in” on conversations without touching the microphone or the room.

It’s a striking example of how everyday objects can be exploited for surveillance, showing that even something as mundane as a lamp can leak information if you know what to look for.

#OpticalPhreaking #SideChannelAttack #CyberSecurity #Privacy #InformationLeak