Security – Lifeboat News: The Blog

Apr 16
2026

Spatiotemporal light pulses could secure optical communication by masking data

Researchers at Ben-Gurion University of the Negev have developed a new approach to secure optical communication that hides information in the physical structure of light, making it difficult for unauthorized parties to intercept or decode. The study addresses a growing challenge: advances in quantum computing are expected to weaken many of today’s encryption methods. While most security solutions rely on complex mathematical algorithms, this research adds protection earlier in the process—during the transmission of the signal itself.

The research was led by Dr. Judith Kupferman and Prof. Shlomi Arnon from the School of Electrical and Computer Engineering at Ben-Gurion University of the Negev. The findings were published in Optical and Quantum Electronics.

The researchers propose a communication method based on specially shaped light pulses, known as spatiotemporal optical vortices. These light beams are designed so that their key features are not visible in standard measurements.

Apr 16
2026

Why this single-chip LED advance could shrink AR glasses and boost quantum links

Researchers at The University of Osaka, in collaboration with ULVAC, Inc. and Ritsumeikan University, have developed a new LED structure that generates circularly polarized light from a single chip. By combining a semipolar InGaN light-emitting structure with a stripe-shaped silicon nitride metasurface, the team created a compact light source that reduces energy-conversion loss and operates at room temperature.

This advancement could help bring ultra-compact, durable light sources closer to practical use in AR/VR, 3D displays, quantum communication, and optical security. The work is published in the journal Optical Materials Express.

Circularly polarized light is useful for a wide range of next-generation technologies. However, previous circularly polarized LEDs have struggled to combine high polarization, high efficiency, durability, and scalable manufacturing. In many previous designs, only one circular polarization component can be extracted from unpolarized light, placing a theoretical limit of 50% on conversion efficiency.

Apr 16
2026

Actively Exploited nginx-ui Flaw (CVE-2026–33032) Enables Full Nginx Server Takeover

A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild.

The vulnerability in question is CVE-2026–33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security.

“The nginx-ui MCP (Model Context Protocol) integration exposes two HTTP endpoints: /mcp and /mcp_message,” according to an advisory released by nginx-ui maintainers last month. “While /mcp requires both IP whitelisting and authentication (AuthRequired middleware), the /mcp_message endpoint only applies IP whitelisting — and the default IP whitelist is empty, which the middleware treats as ‘allow all.’”

Apr 15
2026

Taking a closer look at immune ‘memory’ could spur progress in the fight against lethal illnesses

The average human has about 1.8 trillion immune cells. These cells patrol the body for bacteria, viruses, cancers, and other threats. Vaccines enhance this security system by teaching our immune cells to target specific pathogens. According to the World Health Organization, vaccine-induced immunity saves about six lives every minute. But how long does this protective immune “memory” last?

According to Shane Crotty, Ph.D., Professor and Chief Scientific Officer at La Jolla Institute for Immunology (LJI), we still have much to learn about immune memory.

“There are actually not many studies of human immune memory due to vaccines,” says Crotty. “Scientists traditionally don’t track immune memory past one year after vaccination—or even six months after vaccination—and that’s a bit of a problem.”

Apr 14
2026

Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security

Google adds a Rust-based DNS parser to Pixel 10 modem firmware, reducing memory vulnerabilities and strengthening defenses against baseband exploits.

Apr 14
2026

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

Pushpaganda exploits Google Discover using AI-generated content, driving scams and ad fraud globally, prompting Google to deploy a security fix.

Apr 14
2026

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud.

Researchers at application security company Socket discovered that the malicious extensions are part of a coordinated campaign that uses the same command-and-control (C2) infrastructure.

The threat actor published the extensions under five distinct publisher identities in multiple categories: Telegram sidebar clients, slot machine and Keno games, YouTube and TikTok enhancers, a text translation tool, and utilities.

Apr 14
2026

Elon Musk’s xAI sues over Colorado’s AI antidiscrimination law, claiming it’s a threat to Grok’s free speech

Senate Bill 205, passed in 2024, is one of the nation’s first attempts to regulate ‘high-risk’ AI systems and protect consumers from ‘algorithmic discrimination’ — or disparate treatment or impacts on protected classes under Colorado law.

In the complaint, which was filed in federal court in Denver, Musk’s lawyers contend that the law is ‘unconstitutionally vague’ and ‘invites arbitrary enforcement’ because it fails to define some key terms. They also contend that Colorado’s law would cause Musk’s AI chatbot, Grok, to ‘abandon its disinterested pursuit of truth and instead promote the State’s ideological views on various matters, racial justice in particular,’ which they say violates the First Amendment.

‘Unless the implementation and enforcement of SB24-205 is enjoined, it will violate xAI’s constitutional rights and cause irreparable constitutional harm, impose enormous burdens on xAI and the AI industry, and substitute Colorado’s political preferences for the national economic and security imperative of American AI dominance,’ the complaint reads in part…

…State Rep. Briana Titone, D-Arvada, one of Senate Bill 205’s lead sponsors, told The Sun that Musk’s lawsuit seems like a ‘fishing expedition’ that misinterprets the core of the law.

‘This is where the disconnect is. SB 205 is about consequential decisions, not about freedom of speech,’ Titone said. ‘It’s completely detached from it. And they’re trying to use this argument for a law that has nothing to do with what he’s saying. We’re not restricting speech. Our bill does not say that Grok still can’t be a dick.’

The lawsuit was filed at a time when the Trump administration looks to preempt state regulation of AI models through executive fiat.

Continue reading “Elon Musk’s xAI sues over Colorado’s AI antidiscrimination law, claiming it’s a threat to Grok’s free speech” | >

Apr 14
2026

Move Reveals Its New Markerless Motion Capture System Genesis

Move, a company focused on motion capture and 3D animation, unveiled Genesis, its new high-quality markerless motion capture system, delivering data quality “comparable to optical systems alongside the reliability, security, and integration required by professional VFX, AAA gaming, and creative studios.”

This is a “foundational strategic shift” from the consumer-focused Move Pro to a dedicated enterprise ecosystem. Genesis has already replaced Move Pro on the company’s site, replacing action cameras with Z-Cam integration.

Apr 13
2026

Retinal Vessel Dysfunction in Cerebral Autosomal Dominant Arteriopathy With Subcortical Infarcts and Leukoencephalopathy

An Ultra-Widefield Fluorescein Angiography Study.

This website uses a security service to protect against malicious bots. This page is displayed while the website verifies you are not a bot.