Communications of the ACM Security The latest news, opinion and research in security, from Communications online.
- AI and the Democratization of Cybercrimeby Alex Williams on July 31, 2025 at 4:23 pm
Offensive AI should be regulated like a controlled substance.
- Deconstructing the Take It Down Actby James Grimmelmann on July 30, 2025 at 4:05 pm
It is easy to imagine the FTC weaponizing its newfound Take It Down Act authority as a tool of censorship and extortion.
- Stop Using Vulnerability Counts to Measure Software Securityby Andy Meneely on July 29, 2025 at 3:10 pm
A project with a history of vulnerability fixes doesn’t mean it is less secure.
- SRAM Has No Chill: Exploiting Power Domain Separation to Steal On-Chip Secretsby Jubayer Mahmod on July 24, 2025 at 3:57 pm
Showing the effectiveness of a voltage-based attack that snapshots SRAM, without exposing an SoC to low temperature.
- Technical Perspective: Defending Data from SRAM-Based Attacksby Stefan Saroiu on July 24, 2025 at 3:53 pm
SRAM-based attacks include recovering portions of memory from internal caches, internal RAM, and some CPU registers; attaching voltage probes that can keep SRAM powered on SoCs.
- Internal Chat Logs of Ransomware Group Leakedby David Geer on July 21, 2025 at 5:19 pm
“Russia allows professional cybercrime gangs to operate within its borders as long as they do not cause domestic incidents.”
- Security Principles for Designing an Unhackable Crypto Walletby Elena Gardner on July 17, 2025 at 6:47 pm
Resilience requires formal rigor, verification tools, and zero-trust assumptions.
- Two Types of Data Privacy Controlsby Eman Alashwali on July 14, 2025 at 3:59 pm
Precise, sensible, and easy to use terms to differentiate the two intrinsic types of privacy controls will positively impact the accuracy of privacy research and discussions.
- Balancing Secrecy and Transparency in Bug Bounty Programsby Rahul Telang on July 8, 2025 at 4:17 pm
Embracing transparency while balancing temporary secrecy can lead to a more resilient and accountable software ecosystem.
- AI Empowers Novices to Launch Cyberattacksby David Geer on July 7, 2025 at 6:22 pm
AI-powered turnkey tools turn those with little technical expertise into cyber monsters.