KyberSlash attacks put quantum encryption projects at risk

January 7, 2024 at 03:37PM The Kyber key encapsulation mechanism, including its official implementation CRYSTALS-Kyber, has been found vulnerable to flaws known collectively as KyberSlash, allowing the recovery of secret keys. Timing-based attacks and patches for KyberSlash1 and KyberSlash2 have been identified, affecting various projects, with efforts underway to address the issue. The impact varies … Read more

Signal says there is no evidence rumored zero-day bug is real

October 16, 2023 at 02:06AM Signal messenger has investigated rumors of a zero-day security vulnerability related to its link preview feature but found no evidence of its existence. US government sources also confirmed that there is no information suggesting the vulnerability is valid. Signal advises users to disable the link previews feature as a precaution … Read more