I've got to hand it to the SwitchBot Lock Vision Pro and its palm-vein authentication

With palm vein authentication, 3D face scanning, and fingerprint support, this smart lock is not lacking biometric options.
Communications of the ACM

Hard Problems in Cybersecurity: Past, Present, and Future

In revisiting past hard problems, it is also important to recount successes that helped us bolster our defense. Successes ...
techtimes

Coupang Hit With Record $409M Fine: One Unrevoked Key Exposed Two-Thirds of South Korea

A general view shows the logo of South Korean online delivery service Coupang, at a building housing the company's headquarters in Seoul on December 9, 2025. Jung Yeon-je/AFP via Getty Images South ...
Engadget

Everything to know before putting your car key on an Android phone

Smartphones are a common replacement for credit and debit cards thanks to features like Google Pay and Apple Pay. As more car makers update their tech, your smartphone might just be a replacement for ...
The Hacker News

How to Test Ransomware Recovery Without Reinfecting Your Environment

Clean backups can restore dormant malware; MSPs now require isolated, telemetry-driven ransomware recovery testing under NIS 2.
GitHub

hackerhouse-opensource/cve-2018-10933

CVE-2018-10933 libssh authentication bypass, a vulnerable Docker container that listens on port 2222 for exploitation. A basic proof-of-concept libssh patch included in the container to bypass auth.
The New York Times

The Best Two-Factor Authentication App

Still looking? See more results on Wirecutter. We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› By Max Eddy Max Eddy is a writer ...
Bleeping Computer

When attackers already have the keys, MFA is just another door to open

The Figure breach exposed 967,200 email records without a single exploit. Understanding what that enables — and why your MFA cannot contain it — is an architectural problem, not a user education ...
IEEE

Physically Secure Lightweight and Privacy-Preserving Message Authentication Protocol for VANET in Smart City

Abstract: Secure message transmission in vehicular communications in smart cities is still a challenging task. Most of the related work employed the Public Key Infrastructure, Certification Revocation ...
theregister

Bankrupt scooter startup left one private key to rule them all

An Estonian e-scooter owner locked out of his own ride after the manufacturer went bust did what any determined engineer might do. He reverse-engineered it, and claims he ended up discovering the ...
IEEE

Physical Layer Authentication Based on Nonlinear Kalman Filter for V2X Communication

Abstract: Authentication is an important guarantee for vehicle to everything (V2X) commercial deployment. Currently, V2X security often use identity authentication schemes based on public key ...
CSOonline

Coupang breach of 33.7 million accounts allegedly involved engineer insider

South Korea’s worst data breach in over a decade raises concerns about poor authentication key management and a potential insider threat. A prolonged lack of management of valid authentication keys ...