惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
DataBreaches.Net
Apple Machine Learning Research
Apple Machine Learning Research
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
SegmentFault 最新的问题
博客园 - 聂微东
罗磊的独立博客
W
WeLiveSecurity
博客园_首页
Scott Helme
Scott Helme
V
Visual Studio Blog
T
The Exploit Database - CXSecurity.com
G
Google Developers Blog
大猫的无限游戏
大猫的无限游戏
Latest news
Latest news
L
Lohrmann on Cybersecurity
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
A
About on SuperTechFans
F
Full Disclosure
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
博客园 - 司徒正美
博客园 - Franky
C
CXSECURITY Database RSS Feed - CXSecurity.com
F
Fortinet All Blogs
Blog — PlanetScale
Blog — PlanetScale
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
阮一峰的网络日志
阮一峰的网络日志
S
Schneier on Security
雷峰网
雷峰网
博客园 - 【当耐特】
P
Privacy International News Feed
C
Cyber Attacks, Cyber Crime and Cyber Security
Engineering at Meta
Engineering at Meta
aimingoo的专栏
aimingoo的专栏
MongoDB | Blog
MongoDB | Blog
J
Java Code Geeks
T
Tor Project blog
V
V2EX
爱范儿
爱范儿
C
Check Point Blog
T
Threatpost
Project Zero
Project Zero
量子位
V
Vulnerabilities – Threatpost
Know Your Adversary
Know Your Adversary
I
Intezer
G
GRAHAM CLULEY
P
Privacy & Cybersecurity Law Blog
GbyAI
GbyAI
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com

The Register - Security: Research

www.theregister.com Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine ChatGPT blindly trusts browser content, turning the page into a payload Russia-linked threat group put ChatGPT to work from lure to payload Kids can bypass some age checks with a drawn-on mustache What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia ORNL builds more sensitive GPS interference detector Researchers find sabotage malware that may predate Stuxnet Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus Anthropic, Google, Microsoft paid AI bug bounties – quietly Security reserchers tricked Apple Intelligence into cursing Don't open that WhatsApp message, Microsoft warns Security boffins harvest bumper crop of API keys from web Lightning-fast exploits mean patch fast, says Cisco Talos AI agents are 'gullible' and easy to turn into your minions Smooth criminals talking their way into cloud environments, Google says Snoops plant info-stealing malware on iPhones, Google warns Cybercrime up 245% since the start of the Iran war Rogue AI agents can work together to hack systems Fake applicants are sending security-killing malware AI agent hacked McKinsey chatbot for read-write access Kaspersky: No signs Coruna iPhone exploit kit made by US Perplexity Comet browser hole was exploitable via cal invite DEF CON hackers 'fed up with government,' Jake Braun says DEF CON hackers 'fed up with government,' Jake Braun says Ransomware payments cratered in 2025 – attacks did not Ransomware payments cratered in 2025 – attacks did not Claude's collaboration tools allowed remote code execution Fake 'interview' repos lure Next.js devs into running secret-stealing malware Threat intelligence supply chain is full of weak links AI agents abound, unbound by rules or safety disclosures RAT disguised as an RMM costs crims $300 a month Android malware taps Gemini to navigate infected devices Posting AI caricatures on social media is bad for security Payroll pirates conned the help desk, stole employee’s pay Microsoft boffins show LLM safety can be trained away For the price of Netflix, crooks can rent AI crime ops For the price of Netflix, crooks can rent AI crime ops Fast Pair, loose security: Bluetooth accessories open to silent hijack Fast Pair flaw exposes Bluetooth devices to hijacking A simple CodeBuild flaw put every AWS environment at risk A simple CodeBuild flaw put every AWS environment at risk DeadLock ransomware uses smart contracts to evade defenders Python libraries in AI/ML models can be poisoned w metadata OpenAI patches déjà vu prompt injection vuln in ChatGPT Fake Windows BSODs check in at Europe's hotels to con staff into running malware Hotel staff tricked into installing malware by bogus BSODs Your car’s web browser may be on the road to cyber ruin China's Ink Dragon hides out in European government networks Browser 'privacy' extensions have eye on your AI, log all your chats NCSC finds cyber deception tools work, if deployed right 10K Docker images spray live cloud creds across the internet 'Botnets in physical form' are top humanoid robot risk 'Botnets in physical form' are top humanoid robot risk Apache warns of 10.0-rated flaw in Tika metadata toolkit Novel clickjacking attack relies on CSS and SVG 'Exploitation is imminent' of max-severity React bug Swiss government bans SaaS and cloud for sensitive info Scattered Lapsus$ Hunters stress testing Zendesk weak spots HashJack attack shows AI browsers can be fooled with '#' New ClickFix attacks use fake Windows Updates to swipe creds Years-old bugs in open source took out major clouds at risk LLM-generated malware improving, but not operational (yet) 3.5B WhatsApp users' info scooped through enumeration flaw 3.5B WhatsApp users' info scooped through enumeration flaw 50k more ASUS routers pwned by evolving Beijing-linked op Overconfidence is the new zero-day as teams stumble through cyber simulations LLM side-channel attack could allow snoops to guess topic Landfall spyware used in 0-day attacks on Samsung phones MIT Sloan shelves paper about AI-driven ransomware Security hole slams Chromium browsers - no fix yet OpenAI Atlas Browser tripped up by malformed URLs Devs of VS Code extensions are leaking secrets en masse Chatbots that butter you up make you worse at conflict Tile trackers leak unencrypted Bluetooth data, say boffins Beijing's RedNovember hacked critical US, global orgs Lazarus RAT code resurfaces in North Korean IT-worker scams Suspected Chinese spies broke into 'numerous' enterprises Deepfaked calls hit 44% of businesses in last year: Gartner Kaspersky: RevengeHotels returns with AI-coded malware Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack HybridPetya ransomware dodges UEFI Secure Boot
AI takes a swing at online anonymity
Thomas Claburn Thomas Claburn · 2026-02-26 · via The Register - Security: Research

AI + ML

LLMs killed the privacy star, we can't rewind, we've gone too far

You'll find these days that there's no hiding place

Add privacy to the list of potential casualties caused by the proliferation of AI, because researchers have found that large language models (LLMs) can be used to deanonymize internet users – even those who use pseudonyms – more efficiently than human sleuths.

Much of the academic work on online privacy over the past 25 years builds upon Latanya Sweeney's 2002 research on k-Anonymity [PDF], and prior research in which she demonstrated it is possible to identify 87 percent of the US population using three anonymous data points – a five-digit ZIP code, gender, and date of birth.

The possibility of identifying people from anonymous data became one of the central concerns about online advertising and the usage of cookies in web browsers.

It's a risk that hasn't gone away and now appears to be even more grave, thanks to LLMs that can automate the process of connecting the dots across online posts so they point to a likely source.

"We show that LLM agents can figure out who you are from your anonymous online posts," said Simon Lermen, an AI engineer at MATS Research and one of the corresponding authors of a pre-press paper titled "Large-scale online deanonymization with LLMs."

"Across Hacker News, Reddit, LinkedIn, and anonymized interview transcripts, our method identifies users with high precision – and scales to tens of thousands of candidates,” Lermen explained in an online post.

The researcher observes that while it has long been known that individuals can be identified using only a few data points, doing so was often impractical. Such data often existed in an unstructured form and it took considerable effort for human investigators to assemble enough pieces to solve the identity puzzle.

LLMs accelerate and automate that process, and they do so affordably, Lermen and his co-authors claim.

"We demonstrate that large language models (LLMs) fundamentally change this calculus, enabling fully automated deanonymization attacks that operate on unstructured text at scale," they state in their paper. "Where previous approaches required predefined feature schemas, careful data alignment, and manual verification, LLMs can extract identity-relevant signals from arbitrary prose, efficiently search over millions of candidate profiles, and reason about whether two accounts belong to the same person."

In one experiment, the authors collected 338 Hacker News users whose bios link to a LinkedIn profile. They did so to establish ground-truth identities for the study subjects so the LLMs’ predictions could be checked – this was also to avoid the ethical problems of actually deanonymizing people in a research study.

Next, they created a structured data profile of these users based on their comments and the stories they posted. Then they created a search prompt, anonymized it, and passed it to the AI agent. The agent went on to correctly identify 226 of the 338 targets, a success rate of 67 percent at 90 percent precision (there were 25 errant identifications and 86 abstentions where the model didn't offer a prediction).

The technique employed by the authors is not a universal privacy solvent – it's only successful some of the time. But it's successful often enough that those posting online under a pseudonymous account should not assume their identities will remain unknown.

It’s also cheap to run. The researchers report their entire experiment cost about $2,000, with the cost per profile estimated to be between $1 and $4.

Who would bother? The authors suggest that governments could use this technique to target journalists or activists, that corporations could mine forums to build highly targeted advertising profiles, and that online attackers could develop detailed personal profiles to make social engineering scams more credible.

Lermen argues that netizens therefore need to consider how each data point they share helps identify them.

"The combination is often a unique fingerprint," he said. "Ask yourself: could a team of smart investigators figure out who you are from your posts? If yes, LLM agents can likely do the same, and the cost of doing so is only going down."

Lermen’s co-authors are Daniel Paleka (ETH Zurich), Joshua Swanson (ETH Zurich), Michael Aerni (ETH Zurich), Nicholas Carlini (Anthropic), and Florian Tramèr (ETH Zurich). ®