Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: encryption

Scientists advance quantum signaling with twisted light technology

A tiny device that entangles light and electrons without super-cooling could revolutionize quantum tech in cryptography, computing, and AI.

Present-day quantum computers are big, expensive, and impractical, operating at temperatures near-459 degrees Fahrenheit, or “absolute zero.” In a new paper, however, materials scientists at Stanford University introduce a new nanoscale optical device that works at room temperature to entangle the spin of photons (particles of light) and electrons to achieve quantum communication—an approach that uses the laws of quantum physics to transmit and process data. The technology could usher in a new era of low-cost, low-energy quantum components able to communicate over great distances.

“The material in question is not really new, but the way we use it is,” says Jennifer Dionne, a professor of materials science and engineering and senior author of the paper just published in Nature Communications describing the novel device. “It provides a very versatile, stable spin connection between electrons and photons that is the theoretical basis of quantum communication. Typically, however, the electrons lose their spin too quickly to be useful.”

Popular Forge library gets fix for signature verification bypass flaw

A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could be exploited to bypass signature verifications by crafting data that appears valid.

The flaw is tracked as CVE-2025–12816 and received a high severity rating. It arises from the library’s ASN.1 validation mechanism, which allows malformed data to pass checks even when it is cryptographically invalid.

“An interpretation-conflict vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions,” reads the flaw’s description in the National Vulnerabilities Database (NVD).

Quantum computers could be powerful enough to decrypt Bitcoin sometime after 2030, CEO of Nvidia’s quantum partner says

“You should have a few good years ahead of you but I wouldn’t hold my Bitcoin,” Peronnin said, laughing. “They need to fork [move to a stronger blockchain] by 2030, basically. Quantum computers will be ready to be a threat a bit later than that,” he said.

Quantum doesn’t just threaten Bitcoin, of course, but all banking encryption. And it is likely that in all these cases companies are developing quantum resistant tools to upgrade their existing security systems.

Defensive security algorithms are improving, Peronnin said, so it’s not certain when the blockchain will become vulnerable to a quantum attack. But “the threshold for such an event is coming closer to us year by year,” he said.

Quantum teleportation between photons from two distant light sources achieved

Everyday life on the internet is insecure. Hackers can break into bank accounts or steal digital identities. Driven by AI, attacks are becoming increasingly sophisticated. Quantum cryptography promises more effective protection. It makes communication secure against eavesdropping by relying on the laws of quantum physics. However, the path toward a quantum internet is still fraught with technical hurdles.

Researchers at the Institute of Semiconductor Optics and Functional Interfaces (IHFG) at the University of Stuttgart have now made a decisive breakthrough in one of the most technically challenging components, the . They report their results in Nature Communications.

Kraken ransomware benchmarks systems for optimal encryption choice

The Kraken ransomware, which targets Windows, Linux/VMware ESXi systems, is testing machines to check how fast it can encrypt data without overloading them.

According to Cisco Talos researchers, Kraken’s feature is a rare capability that uses temporary files to choose between full and partial data encryption.

The Kraken ransomware emerged at the begining of the year as a continuation of the HelloKitty operation, and engages in big-game hunting attacks with data theft for double extortion.

CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs

US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks.

An updated joint advisory from CISA, the FBI, the Department of Defense Cyber Crime Center (DC3), the Department of Health and Human Services (HHS), and several international partners alerts that Akira ransomware has expanded its encryption capabilities Nutanix AHV VM disk files.

The advisory includes new indicators of compromise and tactics observed through FBI investigations and third-party reporting as recent as November 2025.

Microsoft finds security flaw in AI chatbots that could expose conversation topics

Your conversations with AI assistants such as ChatGPT and Google Gemini may not be as private as you think they are. Microsoft has revealed a serious flaw in the large language models (LLMs) that power these AI services, potentially exposing the topic of your conversations with them. Researchers dubbed the vulnerability “Whisper Leak” and found it affects nearly all the models they tested.

When you chat with AI assistants built into major search engines or apps, the information is protected by TLS (Transport Layer Security), the same used for online banking. These secure connections stop would-be eavesdroppers from reading the words you type. However, Microsoft discovered that the metadata (how your messages are traveling across the internet) remains visible. Whisper Leak doesn’t break encryption, but it takes advantage of what encryption cannot hide.

Glowing Green: A Quantitative Analysis of Photoluminescence in Six North American Bat Species

WhatsApp is rolling out passkey-encrypted backups for iOS and Android devices, enabling users to encrypt their chat history using their fingerprint, face, or a screen lock code.

Passkeys are a passwordless authentication method that allows users to sign in using biometrics (such as face recognition or fingerprint), PINs, or security patterns instead of traditional passwords. They enable logging into websites, online services, or apps without needing to remember complex passwords or use a password manager.

When creating a passkey, your device generates a unique cryptographic key pair consisting of a private key stored on the device and a public key sent to the website or app. Because of this, passkeys provide significantly improved security over regular credentials, seeing that they can’t be stolen in data breaches because the private key never leaves your device.

Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack

To sidestep detection, the attack chain involves the execution of PowerShell commands to disable AMSI, turn off TLS certificate validation, and enable Restricted Admin, in addition to running tools such as dark-kill and HRSword to terminate security software. Also deployed on the host are Cobalt Strike and SystemBC for persistent remote access.

The infection culminates with the launch of the Qilin ransomware, which encrypts files and drops a ransom note in each encrypted folder, but not before wiping event logs and deleting all shadow copies maintained by the Windows Volume Shadow Copy Service (VSS).

The findings coincide with the discovery of a sophisticated Qilin attack that deployed their Linux ransomware variant on Windows systems and combined it with legitimate IT tools and the bring your own vulnerable driver (BYOVD) technique to bypass security barriers.

/* */