TechRisk #103: Higher API risk in AI era
Plus, researchers discovered a way to steal AI models, $1B in Web3 phishing losses in 2024, a Web3 whitehat left frustrated by a pending bounty, the first major Web3 hack of 2025 saw a $2.5M loss but with a twist, and more!

Tech Risk Reading Picks
API risk in AI era: A new report from Kong highlights the evolving API security landscape in the AI era, revealing that 25% of respondents have encountered AI-enhanced security threats, while 75% express serious concerns about future attacks. Despite 85% of respondents expressing confidence in their security capabilities, 55% have experienced an API security incident in the past year, with one in five incidents costing over $500,000. The study underscores a gap in preparedness, with only 35% adopting zero-trust architectures and few addressing shadow APIs. As AI advances, making threats more sophisticated, the report stresses the urgent need for comprehensive API security strategies to mitigate emerging risks and blind spots. [more]
Challenges and opportunities of Artificial Intelligence (AI): AI is poised to transform cybersecurity, offering both groundbreaking opportunities and significant challenges. While AI enhances threat detection and streamlines defenses, it simultaneously empowers threat actors to execute sophisticated attacks, including crafting hyper-personalized phishing campaigns, exploiting zero-day vulnerabilities, and automating malware creation. Generative AI will enable the seamless automation of entire attack chains, from reconnaissance to data exfiltration, making cyber threats more accessible to less skilled attackers. Meanwhile, defenders will leverage AI to bolster security measures, improve zero trust frameworks, and counter emerging threats such as AI-powered ransomware and the exploitation of cloud vulnerabilities. As quantum computing looms, organizations must prepare for a shift to quantum-resistant encryption to protect against “steal-now, decrypt-later” strategies. The cybersecurity landscape will become an escalating arms race between AI-driven attackers and defenders, requiring heightened vigilance, collaboration, and innovation to address these unprecedented risks. [more]
Steal and replicate AI models: Researchers demonstrated a novel method to steal and replicate AI models running on devices like the Google Edge TPU with 99.91% accuracy by analyzing electromagnetic signals emitted during processing. This approach bypasses the need for direct hacking or prior knowledge of the AI system’s architecture, exposing vulnerabilities in widely used edge devices. By comparing layer-by-layer signatures against a database, they successfully extracted hyperparameters and recreated the functional model. [more][more-researchpaper]
AI impact on Generation Beta: Generation Beta, born from 2025 onward, will grow up immersed in a world dominated by AI and virtual reality, unlike prior generations who adapted to emerging technologies. AI's integration into daily life will revolutionize education, healthcare, and entertainment, presenting immense opportunities but also significant challenges, particularly in underprepared regions like Nepal. While young children are already adept at leveraging tools like ChatGPT for learning and entertainment, concerns arise about the risks to creativity, critical thinking, and online safety, including exposure to harmful content and cybercrimes. Experts emphasize the urgent need for digital safety education, robust AI regulations, and teacher training to ensure AI empowers rather than exploits this generation. However, Nepal's outdated laws and understaffed IT departments highlight a pressing need for systemic reform to address AI's growing impact. [more]
Italian airports DDoS: Several Italian infrastructure organizations, including the Malpensa and Milan Linate airports, the Ministry of Foreign Affairs, and the Turin Transport Group, faced DDoS attacks from the pro-Russia hacker group NoName57. Formed in 2022, the group has a history of targeting NATO member institutions, claiming the attacks as retaliation against perceived Russophobia. The Italian National Cybercrime Center swiftly mitigated the impact, with Foreign Minister Antonio Tajani announcing plans for enhanced cybersecurity measures, including a new Directorate-General for cybersecurity and AI. The attacks, linked to Italy's support for Ukraine, align with NoName57’s pattern of targeting critical sectors in countries backing Ukraine amidst Russia's ongoing war. [more]
Payroll system of Argentina’s airport security police (PSA) compromised: Argentina’s PSA has fallen victim to a cyberattack that compromised personal and financial data of its personnel, with hackers siphoning off small amounts from salaries under fraudulent labels such as “DD mayor” and “DD seguros.” Local reports suggest the breach exploited a vulnerability in Banco Nación’s systems, which handle PSA payroll, and may have involved internal accomplices. While the PSA has not publicly commented, it has blocked certain services and launched a cybersecurity awareness campaign. The incident is the latest in a series of cyberattacks in Argentina, including breaches of e-government platforms and a ransomware attack on Telecom Argentina, underscoring escalating digital security concerns in the country. [more]
Web3 Cryptospace Spotlight
CertiK’s Web3 report noted $1B phishing loss: CertiK’s 2024 Web3 security report, Hack3d, reveals over $2.3 billion lost across 760 on-chain security incidents, marking a 31.6% increase in value stolen and a rise in incidents compared to 2023. Phishing and private key compromises were the leading attack vectors, causing $1 billion and $855 million in losses respectively, with phishing accounting for nearly half of the stolen value. The report highlights phishing’s effectiveness due to its exploitation of human vulnerabilities and the irreversibility of blockchain transactions. Despite the overall rise in losses, excluding phishing incidents suggests ecosystem security is improving, with fewer incidents surpassing $100 million in losses. Hack3d offers vital insights into blockchain vulnerabilities, attack patterns, and best practices to strengthen defenses in the Web3 ecosystem. [more][more-CertiK_web3_security_report]
DeFi remained the most targeted sector: The SlowMist report for 2024 highlights the blockchain industry's ongoing evolution at the crossroads of security and innovation, detailing key developments in regulatory policies, anti-money laundering efforts, and security challenges. It recorded 410 security incidents with $2.013 billion in losses—a 19% decrease from 2023—though actual losses may be higher due to underreporting and rising cryptocurrency values. DeFi remained the most targeted sector, accounting for 82.68% of breaches and $1.029 billion in losses, with Ethereum and Binance Smart Chain (BSC) experiencing significant impacts. Smart contract vulnerabilities and account compromises were the leading causes of incidents, alongside notable scams like Rug Pulls. The report underscores the critical need for stronger security measures and industry standards, advocating for progress toward enhanced safety, transparency, and compliance in blockchain ecosystems. [more]
Critical bug identified but white hat left frustrated with pending bounty: Virtuals Protocol, a blockchain firm specializing in AI agents, resolved a critical vulnerability in its audited smart contract after security researcher Jinu identified a flaw in the token-launch mechanism that could block future token launches. The issue stemmed from predictable token address generation using the Clones library and the absence of checks for existing Uniswap V2 pairs during token creation, leaving the protocol open to exploitation. Despite the severity, the lack of an active bug bounty program initially left the discovery unrewarded, prompting frustration from Jinu. After public disclosure, Virtuals fixed the flaw, acknowledged the oversight, and relaunched its bug bounty program to prevent future vulnerabilities, though the reward for Jinu's discovery remains pending. [more]
First major Web3 hack in 2025: Moby, a decentralized finance (DeFi) platform on the Arbitrum network, was drained of $2.5 million after attackers exploited it using a leaked private key and activated an “emergency” withdrawal function in a compromised proxy contract. The stolen funds included WETH, WBTC, and USDC, which were converted to ETH and scattered across wallets. In a dramatic recovery, whitehat hacker Tony Ke, leveraging a flaw in the attacker’s replacement contract, managed to reclaim $1.5 million in USDC. Ke narrowly missed rescuing the remaining $1 million in WETH and WBTC by 30 seconds. Moby assured users it would compensate all losses, emphasizing the breach was unrelated to its smart contract security. [more]
Solana quantum resistance (post quantum cryptography) vault: Solana developers have introduced the Winternitz Vault, an optional quantum-resistant feature employing hash-based Winternitz One-Time Signatures (WOTS) to safeguard user funds from future quantum computing threats. By generating a new cryptographic key for each transaction, the vault minimizes the risk of key compromise. While offering robust security through mechanisms like Merkle root creation and Keccak256 hashing, the vault is not a default Solana feature and requires users to opt in, limiting immediate adoption. Aimed at proactive, risk-conscious investors, it highlights the growing recognition of quantum computing as a potential threat, though experts suggest such risks remain decades away. [more]
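An added example, not code from this newsletter or from the Solana project: a minimal Winternitz one-time signature in Python, with a hypothetical ToyVault that moves to a fresh key on every spend, which is the property the item above describes. Assumptions: w = 16, SHA-256 standing in for Keccak256, and the ToyVault class with its payload-plus-next-key message layout are illustrative only.

```python
import hashlib
import os

W, N = 16, 32            # Winternitz parameter (4-bit digits) and hash size in bytes
L1, L2 = 64, 3           # 64 message digits + 3 checksum digits (max checksum 960 < 16**3)

def H(data: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the Keccak256 the summary mentions.
    return hashlib.sha256(data).digest()

def chain(x: bytes, steps: int) -> bytes:
    # Apply the hash `steps` times; chains can only be walked forward.
    for _ in range(steps):
        x = H(x)
    return x

def digits(msg: bytes) -> list:
    ds = [n for b in H(msg) for n in (b >> 4, b & 0x0F)]
    # Checksum: raising any message digit lowers the checksum, so a forger
    # cannot reach a new valid digit vector by only hashing forward.
    csum = sum(W - 1 - d for d in ds)
    return ds + [(csum >> 8) & 0xF, (csum >> 4) & 0xF, csum & 0xF]

def keygen():
    sk = [os.urandom(N) for _ in range(L1 + L2)]
    pk = H(b"".join(chain(s, W - 1) for s in sk))   # compressed public key
    return sk, pk

def sign(sk, msg: bytes) -> list:
    # Each signature element reveals an intermediate value of one chain,
    # which is why a key must never sign a second message.
    return [chain(s, d) for s, d in zip(sk, digits(msg))]

def verify(pk: bytes, msg: bytes, sig: list) -> bool:
    if len(sig) != L1 + L2:
        return False
    ends = [chain(s, W - 1 - d) for s, d in zip(sig, digits(msg))]
    return H(b"".join(ends)) == pk

class ToyVault:
    """Hypothetical model: holds one public key and rotates it on every spend."""
    def __init__(self, pk: bytes):
        self.pk = pk

    def spend(self, payload: bytes, next_pk: bytes, sig: list) -> bool:
        # The signature covers the payload and the next key, binding the rotation.
        if not verify(self.pk, payload + next_pk, sig):
            return False
        self.pk = next_pk    # the old key is never accepted again
        return True
```

Replaying a spent signature fails because the vault now checks against the rotated key, so the partially revealed chains of the old key are of no further use.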