Crypto-Gram: 2025 Archives

December 15, 2025

In this issue:

  1. More Prompt||GTFO
  2. AI and Voter Engagement
  3. Legal Restrictions on Vulnerability Disclosure
  4. Scam USPS and E-Z Pass Texts and Websites
  5. AI as Cyberattacker
  6. More on Rewiring Democracy
  7. IACR Nullifies Election Because of Lost Decryption Key
  8. Four Ways AI Is Being Used to Strengthen Democracies Worldwide
  9. Huawei and Chinese Surveillance
  10. Prompt Injection Through Poetry
  11. Banning VPNs
  12. Like Social Media, AI Requires Difficult Choices
  13. New Anonymous Phone Service
  14. Substitution Cipher Based on The Voynich Manuscript
  15. AI vs. Human Drivers
  16. FBI Warns of Fake Video Scams
  17. AIs Exploiting Smart Contracts
  18. Building Trustworthy AI Agents
  19. Upcoming Speaking Engagements
Read This Issue →

November 15, 2025

In this issue:

  1. Apple’s Bug Bounty Program
  2. Cryptocurrency ATMs
  3. A Surprising Amount of Satellite Traffic Is Unencrypted
  4. Agentic AI’s OODA Loop Problem
  5. A Cybersecurity Merit Badge
  6. Failures in Face Recognition
  7. Serious F5 Breach
  8. Part Four of The Kryptos Sculpture
  9. First Wap: A Surveillance Computer You’ve Never Heard Of
  10. Louvre Jewel Heist
  11. Social Engineering People’s Credit Card Details
  12. Signal’s Post-Quantum Cryptographic Implementation
  13. The AI-Designed Bioweapon Arms Race
  14. Will AI Strengthen or Undermine Democracy?
  15. AI Summarization Optimization
  16. Cybercriminals Targeting Payroll Sites
  17. Scientists Need a Positive Vision for AI
  18. Rigged Poker Games
  19. Faking Receipts with AI
  20. New Attacks Against Secure Enclaves
  21. Prompt Injection in AI Browsers
  22. On Hacking Back
  23. Book Review: The Business of Secrets
  24. The Role of Humans in an AI-Powered World
  25. Upcoming Speaking Engagements
Read This Issue →

October 15, 2025

In this issue:

  1. Lawsuit About WhatsApp Security
  2. Microsoft Still Uses RC4
  3. Hacking Electronic Safes
  4. Time-of-Check Time-of-Use Attacks Against LLMs
  5. Surveying the Global Spyware Market
  6. Details About Chinese Surveillance and Propaganda Companies
  7. Apple’s New Memory Integrity Enforcement
  8. US Disrupts Massive Cell Phone Array in New York
  9. Malicious-Looking URL Creation Service
  10. Digital Threat Modeling Under Authoritarianism
  11. Abusing Notion’s AI Agent for Data Theft
  12. Details of a Scam
  13. Use of Generative AI in Scams
  14. Daniel Miessler on the AI Attack/Defense Balance
  15. AI in the 2026 Midterm Elections
  16. AI-Enabled Influence Operation Against Iran
  17. Flok License Plate Surveillance
  18. Autonomous AI Hacking and the Future of Cybersecurity
  19. AI and the Future of American Politics
  20. Rewiring Democracy is Coming Soon
  21. The Trump Administration’s Increased Use of Social Media Surveillance
  22. Upcoming Speaking Engagements
Read This Issue →

September 15, 2025

In this issue:

  1. Trojans Embedded in .svg Files
  2. Eavesdropping on Phone Conversations Through Vibrations
  3. Zero-Day Exploit in WinRAR File
  4. Subverting AIOps Systems Through Poisoned Input Data
  5. Jim Sanborn Is Auctioning Off the Solution to Part Four of the Kryptos Sculpture
  6. AI Agents Need Data Integrity
  7. I’m Spending the Year at the Munk School
  8. Poor Password Choices
  9. Encryption Backdoor in Military/Police Radios
  10. We Are Still Unable to Secure LLMs from Malicious Inputs
  11. The UK May Be Dropping Its Backdoor Mandate
  12. Baggage Tag Scam
  13. 1965 Cryptanalysis Training Workbook Released by the NSA
  14. Indirect Prompt Injection Attacks Against LLM Assistants
  15. Generative AI as a Cybercrime Assistant
  16. GPT-4o-mini Falls for Psychological Manipulation
  17. My Latest Book: Rewiring Democracy
  18. AI in Government
  19. Signed Copies of Rewiring Democracy
  20. New Cryptanalysis of the Fiat-Shamir Protocol
  21. A Cyberattack Victim Notification Framework
  22. Upcoming Speaking Engagements
Read This Issue →

August 15, 2025

In this issue:

  1. Report from the Cambridge Cybercrime Conference
  2. Hacking Trains
  3. Security Vulnerabilities in ICEBlock
  4. New Mobile Phone Forensics Tool
  5. Another Supply Chain Vulnerability
  6. “Encryption Backdoors and the Fourth Amendment”
  7. Google Sues the Badbox Botnet Operators
  8. How the Solid Protocol Restores Digital Agency
  9. Subliminal Learning in AIs
  10. Microsoft SharePoint Zero-Day
  11. That Time Tom Lehrer Pranked the NSA
  12. Aeroflot Hacked
  13. Measuring the Attack/Defense Balance
  14. Cheating on Quantum Computing Benchmarks
  15. Spying on People Through Airportr Luggage Delivery Service
  16. First Sentencing in Scheme to Help North Koreans Infiltrate US Companies
  17. Surveilling Your Children with AirTags
  18. The Semiconductor Industry and Regulatory Compliance
  19. China Accuses Nvidia of Putting Backdoors into Their Chips
  20. Google Project Zero Changes Its Disclosure Policy
  21. Automatic License Plate Readers Are Coming to Schools
  22. The “Incriminating Video” Scam
  23. SIGINT During World War II
  24. AI Applications in Cybersecurity
  25. LLM Coding Integrity Breach
Read This Issue →

July 15, 2025

In this issue:

  1. Where AI Provides Value
  2. Ghostwriting Scam
  3. Self-Driving Car Video Footage
  4. Surveillance in the US
  5. Largest DDoS Attack to Date
  6. Here’s a Subliminal Channel You Haven’t Considered Before
  7. What LLMs Know About Their Users
  8. House of Representatives Bans WhatsApp
  9. The Age of Integrity
  10. How Cybersecurity Fears Affect Confidence in Voting Systems
  11. Iranian Blackout Affected Misinformation Campaigns
  12. Ubuntu Disables Spectre/Meltdown Protections
  13. Surveillance Used by a Drug Cartel
  14. Hiding Prompt Injections in Academic Papers
  15. Yet Another Strava Privacy Leak
  16. Using Signal Groups for Activism
  17. Tradecraft in the Information Age
Read This Issue →

June 15, 2025

In this issue:

  1. Communications Backdoor in Chinese Power Inverters
  2. The NSA’s “Fifty Years of Mathematical Cryptanalysis (1937–1987)”
  3. DoorDash Hack
  4. More AIs Are Taking Polls and Surveys
  5. The Voter Experience
  6. Signal Blocks Windows Recall
  7. Chinese-Owned VPNs
  8. Location Tracking App for Foreigners in Moscow
  9. Surveillance Via Smart Toothbrush
  10. Why Take9 Won’t Improve Cybersecurity
  11. Australia Requires Ransomware Victims to Declare Payments
  12. New Linux Vulnerabilities
  13. The Ramifications of Ukraine’s Drone Attack
  14. Report on the Malicious Uses of AI
  15. Hearing on the Federal Government and AI
  16. New Way to Covertly Track Android Users
  17. Airlines Secretly Selling Passenger Data to the Government
  18. Paragon Spyware Used to Spy on European Journalists
  19. Upcoming Speaking Engagements
Read This Issue →

May 15, 2025

In this issue:

  1. Slopsquatting
  2. CVE Program Almost Unfunded
  3. Age Verification Using Facial Scans
  4. Android Improves Its Security
  5. Regulating AI Behavior with a Hypervisor
  6. New Linux Rootkit
  7. Cryptocurrency Thefts Get Physical
  8. Windscribe Acquitted on Charges of Not Collecting Users’ Data
  9. Applying Security Engineering to Prompt Injection Security
  10. WhatsApp Case Against NSO Group Progressing
  11. US as a Surveillance State
  12. NCSC Guidance on “Advanced Cryptography”
  13. Privacy for Agentic AI
  14. Another Move in the Deepfake Creation/Detection Arms Race
  15. Fake Student Fraud in Community Colleges
  16. Chinese AI Submersible
  17. Florida Backdoor Bill Fails
  18. Court Rules Against NSO Group
  19. Google’s Advanced Protection Now on Android
  20. Upcoming Speaking Engagements
  21. AI-Generated Law
Read This Issue →

April 15, 2025

In this issue:

  1. Improvements in Brute Force Attacks
  2. Is Security Human Factors Research Skewed Towards Western Ideas and Habits?
  3. Critical GitHub Attack
  4. NCSC Releases Post-Quantum Cryptography Timeline
  5. My Writings Are in the LibGen AI Training Corpus
  6. More Countries are Demanding Backdoors to Encrypted Apps
  7. Report on Paragon Spyware
  8. AI Data Poisoning
  9. A Taxonomy of Adversarial Machine Learning Attacks and Mitigations
  10. AIs as Trusted Third Parties
  11. The Signal Chat Leak and the NSA
  12. Cell Phone OPSEC for Border Crossings
  13. Rational Astrologies and Security
  14. Web 3.0 Requires Data Integrity
  15. Troy Hunt Gets Phished
  16. DIRNSA Fired
  17. Arguing Against CALEA
  18. How to Leak to a Journalist
  19. Reimagining Democracy
  20. AI Vulnerability Finding
  21. China Sort of Admits to Being Behind Volt Typhoon
  22. Upcoming Speaking Engagements
Read This Issue →

March 15, 2025

In this issue:

  1. Atlas of Surveillance
  2. Story About Medical Device Security
  3. Device Code Phishing
  4. An LLM Trained to Create Backdoors in Code
  5. Implementing Cryptography in AI Systems
  6. More Research Showing AI Breaking the Rules
  7. North Korean Hackers Steal $1.5B in Cryptocurrency
  8. UK Demanded Apple Add a Backdoor to iCloud
  9. “Emergent Misalignment” in LLMs
  10. Trojaned AI Tool Leads to Disney Hack
  11. CISA Identifies Five New Vulnerabilities Currently Being Exploited
  12. The Combined Cipher Machine
  13. Rayhunter: Device to Detect Cellular Surveillance
  14. Thousands of WordPress Websites Infected with Malware
  15. Silk Typhoon Hackers Indicted
  16. China, Russia, Iran, and North Korea Intelligence Sharing
  17. RIP Mark Klein
  18. TP-Link Router Botnet
  19. Upcoming Speaking Engagements
Read This Issue →

February 15, 2025

In this issue:

  1. Phishing False Alarm
  2. FBI Deletes PlugX Malware from Thousands of Computers
  3. Social Engineering to Disable iMessage Protections
  4. Biden Signs New Cybersecurity Order
  5. AI Mistakes Are Very Different from Human Mistakes
  6. AI Will Write Complex Laws
  7. Third Interdisciplinary Workshop on Reimagining Democracy (IWORD 2024)
  8. New VPN Backdoor
  9. CISA Under Trump
  10. ExxonMobil Lobbyist Caught Hacking Climate Activists
  11. Fake Reddit and WeTransfer Sites Are Pushing Malware
  12. Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware
  13. Deepfakes and the 2024 US Election
  14. On Generative AI Security
  15. AIs and Robots Should Sound Robotic
  16. Screenshot-Reading Malware
  17. UK Is Ordering Apple to Break Its Own Encryption
  18. Pairwise Authentication of Humans
  19. Trusted Execution Environments
  20. Delivering Malware Through Abandoned Amazon S3 Buckets
  21. DOGE as a National Cyberattack
  22. AI and Civil Service Purges
  23. Upcoming Speaking Engagements
Read This Issue →

January 15, 2025

In this issue:

  1. Short-Lived Certificates Coming to Let’s Encrypt
  2. Hacking Digital License Plates
  3. New Advances in the Understanding of Prime Numbers
  4. Mailbox Insecurity
  5. Criminal Complaint against LockBit Ransomware Writer
  6. Spyware Maker NSO Group Found Liable for Hacking WhatsApp
  7. Scams Based on Fake Google Emails
  8. Casino Players Using Hidden Cameras for Cheating
  9. Salt Typhoon’s Reach Continues to Grow
  10. Gift Card Fraud
  11. Google Is Allowing Device Fingerprinting
  12. ShredOS
  13. Privacy of Photos.app’s Enhanced Visual Search
  14. US Treasury Department Sanctions Chinese Company Over Cyberattacks
  15. Zero-Day Vulnerability in Ivanti VPN
  16. Apps That Are Spying on Your Location
  17. Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme
  18. The First Password on the Internet
  19. Upcoming Speaking Engagements
Read This Issue →
← 2024Calendar

Sidebar photo of Bruce Schneier by Joe MacInnis.