
Items tagged with: cybersecurity


How it works: It's all based on timing how long it takes for JavaScript statements to access the local storage for the (malicious) website. If other websites or local apps are also accessing the same SSD at the same time, those accesses will take longer because of contention for the SSD. Different websites and apps have different usage patterns of the local storage. You can take all that timing data and feed it into a pretrained convolutional neural network to detect which websites and apps are running.

It requires at least 1G of storage, so savvy users can detect unusual storage usage, and for everyone else browser makers can reduce storage limits per website below that.

#cybersecurity #FROST



📝🚨 New blog post: How a bug in Archive Utility allowed access to protected app data (including iMessage and WhatsApp chats, and Safari cookies) without any permissions.

The bug could also be exploited to hijack installed apps such as Signal and 1Password to perform phishing attacks.

Apple fixed the issue in macOS 26.4 as CVE-2026-28910, five months after we reported it.

#Apple #macOS #privacy #security #cybersecurity #infosec

mysk.blog/2026/05/19/cve-2026-…


#Signalapp doesn't actually delete messages when they're deleted (either manually or by automation). The message deletion is written to the write-ahead log, and the data is only truly deleted once Signal is restarted or a threshold of 1000 pages is reached. For the macOS Signal application, an extra complication arises from the fact that the Signal message database can be backed up before the database consolidation occurs. A large amount of the supposedly already deleted messages could be recovered from the device or backups.

This concerns use cases where deleted messages actually getting removed in a timely manner is of high importance and recovery of the deleted messages could lead to grave consequences.

TL;DR: If you don't care about deleted messages being actually deleted, you don't need to worry.

Full advisory at: sintonen.fi/advisories/signal-…

#fulldisclosure #infosec #cybersecurity


🛡️ #Cybersecurity news & tips across the #fediverse

“Microsoft Israel head ousted reportedly over IDF’s controversial use of cloud tech

Microsoft’s Israel general manager Alon Haimovich will be stepping down, following the findings of an internal review into…
#NewsBeep...”

newsbeep.org/@newsbeep/1165713…

🤖 via RSS feed. Not an endorsement.


Microsoft Issues Emergency Mitigation for YellowKey BitLocker Bypass

Microsoft released emergency mitigations for a BitLocker bypass vulnerability (CVE-2026-45585) that allows attackers with physical access to access encrypted data via the Windows Recovery Environment.

**To protect against the YellowKey physical bypass attack, switch your BitLocker configuration from a TPM-only to a TPM+PIN configuration. Relying on hardware-only secrets is no longer sufficient when the boot process itself can be manipulated. IT teams should also manually modify their WinRE images to remove the autofstx.exe entry from the registry until Microsoft releases an official, permanent patch.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai…