A journalist filed a brief live blog entry on an apparent Iranian missile strike that hit no one and caused no serious damage.
Next thing he knew, angry Polymarket users were demanding he change the story—and threatening his life and family if he refused.
My story: wapo.st/4lI6Pon (gift link)
Posts by Alexis Cao
Abstract. Nym is a reputation- and incentive-enhanced anonymous communications network that utilizes staking, performance monitoring, and rewards to encourage high-quality contributions. In this work, we analyze the reputation mechanism used in Nym’s Mixnet and NymVPN service. Using a combination of source code analysis, data collection from Nym mainnet, and network simulations with a custom simulator, we demonstrate active attacks that may allow a moderately resourced adversary to gain control of a fraction of Nym Mixnet’s active set. This condition may enable connection de-anonymization attacks. In particular, we show that the mechanism Nym uses to measure node performance is vulnerable to a form of “framing” attack that allows a small number of low-stake nodes to damage the score of high-reputation active nodes. We then consider and discuss various mitigations. This work highlights the challenge of nodes’ reliability measurement in reputation-enhanced networks, where the entry of low-reputation nodes is required for network survivability but also grants attackers a platform to launch attacks against the network.
Image showing part 2 of abstract.
Analysis and Attacks on the Reputation System of Nym (Xinmu Alexis Cao, Matthew Green) ia.cr/2026/101
Hundreds of millions of earbuds, headphones and speakers need a security update (yes, you need to update your earbuds) to prevent a wireless hacking technique that can hijack audio, eavesdrop via mics, and in some cases remotely track the accessory’s location. www.wired.com/story/google...
NEW: The internet in Iran is nearly completely shut down, according to internet monitoring firms.
The blackout comes in the midst of countrywide protests that have lasted for days after spikes in prices and shortages of basic goods. The government has responded with a violent crackdown.
Alexis Cao, a visiting intern from Johns Hopkins University, has joined COSIC to work on enhancing the security and privacy of mixnets this summer. Welcome!
#choosecosic #cosic #kuleuven
my talk last month is now up on youtube!!
youtu.be/oGQ4nDvTW_4
the calm before the storm
ESP32 Bluetooth firmware contains 29 hidden HCI commands (0xFC01–0xFC44), enabling RAM/Flash manipulation, MAC spoofing, and LMP/LLCP packet injection. Attackers can achieve persistent implants, device impersonation, firmware checks bypass, and advanced Bluetooth-based pivoting.
tinyurl.com/esp32bd
Oh boy, Sam Curry comes again with yet another critical #vulnerability, now in Subaru vehicles, basically allowing full remote control over the cars.
#Automotive security is no joke, but manufacturers still live by security standards from the beginning of the century.
samcurry.net/hacking-subaru
omg now i can’t unsee it 😂
c69cb94fbf0c059e8cf91cf0f369f576
#cyberdeckchallenge #shmoocon