All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
FreqTransNet is a new deep learning watermarking model that combines convolutional modules, Transformer structures (neural networks that use self-attention to understand relationships between distant parts of data), and frequency-domain transformations (mathematical techniques that analyze images by breaking them into component frequencies) to embed invisible marks into images more robustly. The model outperforms existing watermarking methods, achieving better visual quality and maintaining over 97% accuracy in extracting watermarks even when images are attacked or modified.
Adobe has launched a beta version of an AI assistant for Photoshop on the web and mobile apps that uses natural language prompts (instructions written in plain English rather than code) to help users edit images, such as removing objects, changing colors, or adjusting lighting. The company is also expanding its Firefly tool (a media generation and editing platform) with new AI-powered features like generative fill, object removal, and background removal. Paid Photoshop users get unlimited AI generations through April 9, while free users receive 20 generations to start.
Adobe has released an AI assistant for Photoshop on web and mobile (now in public beta, meaning it's available for anyone to test) that lets users edit images by describing changes in plain language to a chatbot instead of using traditional menus. The assistant can perform tasks like removing distractions, changing backgrounds, adjusting lighting, and modifying colors through conversational requests.
Zoom is launching AI-powered avatars (realistic digital representations that can mimic a user's appearance and movements) that can represent users in meetings, along with new AI tools like document and presentation apps, an AI agent builder for non-technical users, and a deepfake detection technology (software that identifies when audio or video has been artificially manipulated or impersonated) to alert meeting participants of possible impersonation. The company is also expanding its AI Companion assistant across desktop and other products, and introducing custom AI agents that users can control through natural language prompts (instructions written in everyday English rather than code).
Google is expanding its Gemini AI assistant into more of its Workspace apps, including a new chat window in Google Docs that lets users describe documents for AI to create, AI-powered spreadsheet generation, and a Gemini-powered search feature in Drive. The Gemini assistant can pull information from the web, Drive, Gmail, and other sources to help users with their work.
Google is adding new Gemini AI features to its productivity apps (Docs, Sheets, Slides, and Drive) that help users create and organize content faster by pulling information from their emails, files, and the web. These tools include features like automatically drafting documents, generating formatted spreadsheets, creating slides that match your theme, and searching across files using natural language (plain English questions instead of technical search terms). The goal is to let users accomplish tasks within Google's apps without switching to separate tools.
Sandbar, a startup founded by former Meta employees, raised $23 million to develop the Stream ring, a wearable device with a microphone that records notes and lets users chat with an AI assistant through a phone app. The ring's microphone is off by default and only activates when users lift their hand to their face, which signals intent for private note-taking rather than recording surrounding conversations.
Anthropic, an AI company, filed a lawsuit against the federal government after the Pentagon blacklisted it as a 'supply chain risk' (a security classification typically reserved for foreign adversaries), claiming the move is unlawful and causes irreparable harm. The blacklisting followed Anthropic's disagreement with the Pentagon over how its AI systems could be used. Defense experts worry this precedent could harm U.S. competitiveness by cutting off access to a major American AI vendor.
In February 2026, organizations worldwide faced an average of 2,086 cyber attacks per week, a 9.6% increase from the previous year, indicating that high attack volumes are now a constant threat rather than a temporary spike. While ransomware attacks declined compared to last year, overall attack activity remains near record levels due to automation, expanded digital systems, and security risks from enterprise GenAI (generative AI used by businesses) usage.
This research proposes TCroS, a system for securely sharing sensitive data across different manufacturer domains in Internet of Vehicles (IoV, connected vehicles that communicate over the internet) while allowing users to search for specific information using keywords. The system uses proxy re-encryption (a technique that transforms encrypted data so it can be decrypted by different authorized parties) and embeds requester identities into decryption keys so that if an encryption key is leaked, the source can be traced. The authors also created an extended version called TCroSS that adds privacy-preserving keyword search with Boolean queries (AND, OR, NOT operations) to find authorized data efficiently while protecting against keyword guessing attacks.
NiIas is a security protocol designed for Multi-access Edge Computing (MEC, a system where computing resources are placed closer to users at the network edge) that allows devices to authenticate and send data immediately without the usual setup delays required by traditional protocols. The protocol uses identity-based cryptography (a method where users' public keys are derived from their identity rather than certificates) and an authenticate-before-decryption mechanism to filter out unauthorized traffic and protect against denial-of-service attacks (attempts to overwhelm a system with traffic to make it unavailable).
A Decentralized Randomness Beacon (DRB, a cryptographic tool that generates unpredictable, publicly verifiable randomness for distributed systems) is used in blockchain and distributed networks, but existing protocols like GRandLine and RandFlash expose participants' identities during leader election, risking privacy leaks. The paper proposes PADRE, a new privacy-aware DRB protocol that hides participant identities while maintaining security and efficiency, using a new cryptographic primitive called anonymous threshold verifiable random functions (ATVRF).
This research identifies how attackers can exploit non-control data in the Linux kernel's file system (the part of the OS that manages files and folders) to gain unauthorized access, even when control-flow integrity (a security technique that prevents attackers from hijacking program execution paths) is in place. The study developed a framework to automatically find vulnerable data objects and demonstrated 10 working attacks against the kernel with modern security protections enabled.
Researchers tested code generated by five different LLM (large language model, AI systems that write text) families across four programming languages and found significant security weaknesses, especially in C and C++ where memory safety issues (bugs that let attackers access or corrupt memory) and hard-coded secrets (passwords or keys written directly in code) were common. The study revealed that LLMs often fail to use modern security features available in newer versions of programming tools and tend to rely on outdated, less secure methods. The researchers conclude that LLMs need to be improved to generate code that follows current security best practices.
This research paper presents RASE, a new method for collecting data from Internet of Things devices (connected sensors that gather information) while protecting people's privacy from disclosure attacks (attempts to figure out what specific individuals' data is). RASE works in three steps: first adding noise (random false data) to real readings, then randomly scrambling who sent what data so senders can't be linked to receivers, and finally calculating approximate totals from the scrambled data.
Researchers developed PING (Positive-Incentive Noise Generator), a new method that adds carefully designed noise to protect private data in decentralized learning (where multiple computers train AI models together without sending raw data to a central server) while keeping the learning process efficient. The method uses network connections and lightweight encryption to create correlated noise (noise patterns that work together), and builds on this to create PP-DPIN, an algorithm that combines differential privacy (a mathematical technique for protecting individual data points) and information theory to ensure strong privacy guarantees for at least half the computers involved.
This paper surveys eXplainable AI (XAI, methods for making AI decisions understandable to humans) in visual recognition, which is increasingly important for safety-critical applications like autonomous driving and medical diagnostics. The survey organizes XAI approaches by intent, object, presentation, and methodology, and also examines how interpretability applies to Multimodal Large Language Models (AI systems that process and combine text, images, and other data types).
This research addresses negative transfer, which occurs when an AI model performs worse after trying to apply knowledge from one domain (a labeled dataset) to a different domain (an unlabeled dataset) due to significant differences between them. The study finds that when models rely too heavily on non-causal environmental features (irrelevant details that don't actually cause predictions), the result is disagreement across domains, which harms performance. The proposed solution, called RED (Reducing Environmental Disagreement), separates each sample into causal features (the truly relevant information) and non-causal environmental features, then reduces the disagreement between domains based on these environmental features.
Fix: The proposed solution is RED (Reducing Environmental Disagreement), which "disentangles each sample into domain-invariant causal features and domain-specific non-causal environmental features via adversarially training domain-specific environmental feature extractors in the opposite domains. Subsequently, RED estimates and reduces environmental disagreement based on domain-specific non-causal environmental features."
IEEE Xplore (Security & AI Journals)
As AI tools like ChatGPT become common among students, university professors worry that critical thinking and deep learning in humanities subjects are at risk. One Stanford literature professor is experimenting with offline learning methods, like having students memorize and recite poems and examine art in person, to help students experience learning directly rather than relying on AI to do their work for them.
Fix: Zoom is adding deepfake detection technology for meetings to alert participants of possible audio or video impersonation.
TechCrunch
This newsletter covers multiple AI and technology developments, including AI's expanding role in military decision-making during the Iran conflict through 'vibe-coded' intelligence dashboards (AI systems that present information in visually appealing but potentially unreliable formats), legal disputes between AI companies and governments, and emerging threats like GPS jamming in the Middle East. The piece also highlights concerns about AI cloning real people's voices without consent, developments in AI agents, and psychological effects of AI companions on users.