#security News & Analysis

Security Considerations for Artificial Intelligence Agents

Hiding in Plain Sight: A Steganographic Approach to Stealthy LLM Jailbreaks

Towards Robust Speech Deepfake Detection via Human-Inspired Reasoning

Researchers propose HIR-SDD, a new framework combining Large Audio Language Models with human-inspired reasoning to detect speech deepfakes. The method aims to improve generalization across different audio domains and provide interpretable explanations for deepfake detection decisions.

Why LLMs Fail: A Failure Analysis and Partial Success Measurement for Automated Security Patch Generation

A research study analyzing 319 LLM-generated security patches found that only 24.8% achieve full correctness, with most failures due to semantic misunderstanding rather than syntax errors. LLMs preserve functionality well but struggle significantly with security fixes, with success rates varying dramatically by vulnerability type.

Contract And Conquer: How to Provably Compute Adversarial Examples for a Black-Box Model?

Researchers propose Contract And Conquer (CAC), a new method for provably generating adversarial examples against black-box neural networks using knowledge distillation and search space contraction. The approach provides theoretical guarantees for finding adversarial examples within a fixed number of iterations and outperforms existing methods on ImageNet datasets including vision transformers.

Burn-After-Use for Preventing Data Leakage through a Secure Multi-Tenant Architecture in Enterprise LLM

Bitcoin Vault Security Advances With Babylon-Ledger Integration

Babylon Labs is integrating with Ledger to enable hardware wallet authorization for Trustless Bitcoin Vaults, giving 8 million Ledger users secure access to protocol-level vault operations. Meanwhile, Bitcoin orderbook data shows elevated sell-side liquidity at two-month highs, mirroring patterns seen during previous market retests.

French police arrest 12 as probe into spate of violent crypto kidnappings widens

French police arrested 12 individuals in Lyon connected to violent cryptocurrency kidnappings that occurred in August. This represents a widening investigation into a series of crypto-related violent crimes in France.

Anchorage Digital makes strategic investment in security firm Immunefi, buys IMU tokens

Anchorage Digital has made a strategic investment in cybersecurity firm Immunefi and purchased IMU tokens. The partnership will see Immunefi provide security services for Anchorage's Porto wallet product.

Trust Wallet adds real-time scam address checks for crypto users

Trust Wallet has implemented real-time address poisoning protection across 32 EVM-compatible blockchain networks, introducing automated scam address screening functionality. This security enhancement comes as wallet providers face increasing pressure to protect users from sophisticated crypto scams and malicious addresses.

French couple forced to hand over $1M in Bitcoin by criminals posing as police

A French couple was robbed of approximately $1 million in Bitcoin by criminals who impersonated police during a fake home invasion. This incident highlights the growing trend of physical 'wrench attacks' targeting cryptocurrency holders.

They said they were police, but pulled a knife and stole $1m in Bitcoin

Three men posing as police officers robbed a couple in Versailles, France at knifepoint, forcing them to transfer approximately $1 million worth of Bitcoin. French police are actively investigating this cryptocurrency theft case.

NFT platform Gondi to compensate users affected in $250k smart contract exploit

NFT lending platform Gondi suffered a smart contract exploit on Monday resulting in approximately $230,000 worth of stolen NFTs. The platform has committed to fully compensating all affected users following the security breach.

NFT platform Gondi moves to make users whole after $230,000 contract exploit

NFT lending platform Gondi suffered a $230,000 exploit that drained 78 NFTs across approximately 40 transactions. The platform is taking steps to compensate affected users following the contract vulnerability exploitation.

Scammers prey on pro-Iran crypto donors, warn politicians

Cryptocurrency scammers are targeting Russians who support Iran, tricking them into sending Bitcoin, Ethereum, XRP, and other digital assets through fraudulent schemes. A major political group has issued warnings about these scams specifically targeting pro-Iran crypto donors.

Do Compact SSL Backbones Matter for Audio Deepfake Detection? A Controlled Study with RAPTOR

Researchers introduced RAPTOR, a study comparing compact SSL models for audio deepfake detection, finding that multilingual HuBERT pre-training enables smaller 100M parameter models to match larger commercial systems. The study reveals that pre-training approach matters more than model size, with WavLM variants showing overconfident miscalibration issues compared to HuBERT models.

Bitcoin recovery meets DeFi tensions as Aave rift deepens: Finance Redefined

Bitcoin recovered this week driven by increased stablecoin inflows, while the DeFi sector faced mounting challenges from ongoing Aave governance disputes, security exploits, and exchange security measures. The contrast highlights Bitcoin's resilience amid broader DeFi ecosystem tensions.

Codex Security: now in research preview

Codex Security, an AI-powered application security agent, has launched in research preview to help developers detect, validate, and patch complex vulnerabilities. The tool analyzes project context to provide more accurate security assessments with reduced false positives.

Solv Protocol offers 10% bounty after hacker snatches $2.7M

Solv Protocol was hacked for $2.7 million after an attacker exploited a bug that allowed them to mint tokens freely. The protocol is now offering a 10% bounty to recover the stolen funds, with the hacker having swapped the minted tokens for Bitcoin-tied assets.

OG Trader Sillytuna Says $24M Crypto Theft Came With Violent Threats

Ethereum NFT whale Sillytuna reported a $24 million crypto theft that combined an on-chain address-poisoning scam with offline violence and threats. The incident highlights the growing sophistication of crypto crimes that blend digital attacks with physical intimidation tactics.

FBI Nabs Suspect in $46 Million US Marshals Crypto Theft

The FBI has arrested a suspect in connection with a $46 million cryptocurrency theft from the U.S. Marshals Service following an international manhunt that ended in the Caribbean. This represents one of the most significant insider crypto heists targeting a U.S. government agency in history.

Aave Labs outlines layered security plan for V4 after $1.5 million audit program

Aave Labs has announced a comprehensive security framework for its upcoming V4 protocol, featuring formal verification, layered security reviews, and a bug bounty program. This follows a substantial $1.5 million audit program, demonstrating the protocol's commitment to security before launch.

Crypto leaked by South Korean tax officials stolen a second time

A $5 million cryptocurrency theft involving South Korean tax officials resulted in an unusual double heist. The original thief confessed to police and returned the stolen funds, but the cryptocurrency was subsequently stolen again by another party.

Self-Custody Startup Bron Adds Inheritance Flow Built Around Guardians and MPC

Self-custody startup Bron has launched a new inheritance feature that leverages guardians and multi-party computation (MPC) technology to help users pass on their crypto assets. The solution aims to address one of the key challenges in cryptocurrency adoption by providing a secure way to transfer digital assets to beneficiaries.

New Critical iPhone Exploit, Morgan Stanley Taps Coinbase, a16z to Raise $2 Billion: The Last 24 Hours in Crypto

This appears to be a summary article covering multiple important developments in the past 24 hours, including a critical iPhone security exploit, Morgan Stanley's partnership with Coinbase, and a16z's $2 billion fundraising effort. The article serves as a digest of key stories across technology and cryptocurrency sectors.