HTTP/2 200 server: nginx date: Thu, 09 Oct 2025 10:00:25 GMT content-type: text/html; charset=UTF-8 strict-transport-security: max-age=31536000 vary: Accept-Encoding last-modified: Thu, 09 Oct 2025 09:59:11 GMT cache-control: max-age=227, must-revalidate x-nananana: Batcache-Hit host-header: wpcloud vary: Cookie link: ; rel="https://api.w.org/" link: ; rel="alternate"; title="JSON"; type="application/json" link: ; rel=shortlink content-encoding: gzip x-ac: 3.bom _atomic_dca MISS alt-svc: h3=":443"; ma=86400 server-timing: a8c-cdn, dc;desc=bom, cache;desc=MISS;dur=840.0

Schneier on Security

Home

Crypto-Gram Newsletter

Crypto-Gram is a free monthly e-mail digest of posts from Bruce Schneier’s Schneier on Security blog.

• Subscribe
• Unsubscribe
• Archives
• Translations
• Other Formats
• Privacy Statement

Recent Issues

September 15, 2025

In this issue:

1. Trojans Embedded in .svg Files
2. Eavesdropping on Phone Conversations Through Vibrations
3. Zero-Day Exploit in WinRAR File
4. Subverting AIOps Systems Through Poisoned Input Data
5. Jim Sanborn Is Auctioning Off the Solution to Part Four of the Kryptos Sculpture
6. AI Agents Need Data Integrity
7. I’m Spending the Year at the Munk School
8. Poor Password Choices
9. Encryption Backdoor in Military/Police Radios
10. We Are Still Unable to Secure LLMs from Malicious Inputs
11. The UK May Be Dropping Its Backdoor Mandate
12. Baggage Tag Scam
13. 1965 Cryptanalysis Training Workbook Released by the NSA
14. Indirect Prompt Injection Attacks Against LLM Assistants
15. Generative AI as a Cybercrime Assistant
16. GPT-4o-mini Falls for Psychological Manipulation
17. My Latest Book: Rewiring Democracy
18. AI in Government
19. Signed Copies of Rewiring Democracy
20. New Cryptanalysis of the Fiat-Shamir Protocol
21. A Cyberattack Victim Notification Framework
22. Upcoming Speaking Engagements

Read This Issue →

August 15, 2025

In this issue:

1. Report from the Cambridge Cybercrime Conference
2. Hacking Trains
3. Security Vulnerabilities in ICEBlock
4. New Mobile Phone Forensics Tool
5. Another Supply Chain Vulnerability
6. "Encryption Backdoors and the Fourth Amendment"
7. Google Sues the Badbox Botnet Operators
8. How the Solid Protocol Restores Digital Agency
9. Subliminal Learning in AIs
10. Microsoft SharePoint Zero-Day
11. That Time Tom Lehrer Pranked the NSA
12. Aeroflot Hacked
13. Measuring the Attack/Defense Balance
14. Cheating on Quantum Computing Benchmarks
15. Spying on People Through Airportr Luggage Delivery Service
16. First Sentencing in Scheme to Help North Koreans Infiltrate US Companies
17. Surveilling Your Children with AirTags
18. The Semiconductor Industry and Regulatory Compliance
19. China Accuses Nvidia of Putting Backdoors into Their Chips
20. Google Project Zero Changes Its Disclosure Policy
21. Automatic License Plate Readers Are Coming to Schools
22. The "Incriminating Video" Scam
23. SIGINT During World War II
24. AI Applications in Cybersecurity
25. LLM Coding Integrity Breach

Read This Issue →

July 15, 2025

In this issue:

1. Where AI Provides Value
2. Ghostwriting Scam
3. Self-Driving Car Video Footage
4. Surveillance in the US
5. Largest DDoS Attack to Date
6. Here’s a Subliminal Channel You Haven’t Considered Before
7. What LLMs Know About Their Users
8. House of Representatives Bans WhatsApp
9. The Age of Integrity
10. How Cybersecurity Fears Affect Confidence in Voting Systems
11. Iranian Blackout Affected Misinformation Campaigns
12. Ubuntu Disables Spectre/Meltdown Protections
13. Surveillance Used by a Drug Cartel
14. Hiding Prompt Injections in Academic Papers
15. Yet Another Strava Privacy Leak
16. Using Signal Groups for Activism
17. Tradecraft in the Information Age

Read This Issue →

More Issues →

Sidebar photo of Bruce Schneier by Joe MacInnis.

Powered by WordPress Hosted by Pressable