Microsoft develops a lightweight scanner that detects backdoors in open-weight LLMs using three behavioral signals, improving AI model security and tr
Category: security
Simulations and supercomputing calculate one million orbits in cislunar space
Satellites and spacecraft in the vast region between the earth and moon and just beyond — called cislunar space — are crucial for space exploration, scientific advancement and national security. But figuring out where exactly to put them into a stable orbit can be a huge, computationally expensive challenge.
In an open-access database and with publicly available code, researchers at Lawrence Livermore National Laboratory (LLNL) have simulated and published one million orbits in cislunar space. The effort, enabled by supercomputing resources at the Laboratory, provides valuable data that can be used to plan missions, predict how small perturbations might change orbits and monitor space traffic.
To begin, the Space Situational Awareness Python package takes in a range of initial conditions for an orbit, like how elliptical and tilted the orbit is and how far it gets from the earth.
How AI & Quantum Are Reshaping Federal Innovation
By Chuck Brooks
#artificialintelligence #tech #government #quantum #innovation #federal #ai
By Chuck Brooks, president of Brooks Consulting International
In 2026, government technological innovation has reached a key turning point. After years of modernization plans, pilot projects and progressive acceptance, government leaders are increasingly incorporating artificial intelligence and quantum technologies directly into mission-critical capabilities. These technologies are becoming essential infrastructure for economic competitiveness, national security and scientific advancement rather than merely scholarly curiosity.
We are seeing a deliberate change in the federal landscape from isolated testing to the planned implementation of emerging technology across the whole government. This evolution represents not only technology momentum but also policy leadership, public-private collaboration and expanded industrial capability.
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code (VS Code) extensions are published to the open-source repository to combat supply chain threats.
The move marks a shift from a reactive to a proactive approach to ensure that malicious extensions don’t end up getting published on the Open VSX Registry.
“Up to now, the Open VSX Registry has relied primarily on post-publication response and investigation. When a bad extension is reported, we investigate and remove it,” Christopher Guindon, director of software development at the Eclipse Foundation, said.
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.
ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It’s an extension to the OpenClaw project, a self-hosted artificial intelligence (AI) assistant formerly known as both Clawdbot and Moltbot.
The analysis, which Koi conducted with the help of an OpenClaw bot named Alex, found that 335 skills use fake pre-requisites to install an Apple macOS stealer named Atomic Stealer (AMOS). This activity set has been codenamed ClawHavoc.
OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link.
The issue, which is tracked as CVE-2026–25253 (CVSS score: 8.8), has been addressed in version 2026.1.29 released on January 30, 2026. It has been described as a token exfiltration vulnerability that leads to full gateway compromise.
“The Control UI trusts gatewayUrl from the query string without validation and auto-connects on load, sending the stored gateway token in the WebSocket connect payload,” OpenClaw’s creator and maintainer Peter Steinberger said in an advisory.
Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026–21509, a recently patched vulnerability in multiple versions of Microsoft Office.
On January 26, Microsoft released an emergency out-of-band security update marking CVE-2026–21509 as an actively exploited zero-day flaw.
CERT-UA detected the distribution of malicious DOC files exploiting the flaw, themed around EU COREPER consultations in Ukraine, just three days after Microsoft’s alert.
New study unveils ultra-high sensitivity broadband flexible photodetectors
A research team, affiliated with UNIST, has unveiled a flexible photodetector, capable of converting light across a broad spectrum—from visible to near-infrared—into electrical signals. This innovation promises significant advancements in technologies that require simultaneous detection of object colors and internal structures or materials.
Led by Professor Changduk Yang from the Department of Energy & Chemical Engineering, the research team developed perovskite-organic heterojunction photodetectors (POH-PDs) that combine high sensitivity with exceptional accuracy in the near-infrared (NIR) region. The findings have been published in Advanced Functional Materials.
Photodetectors are essential components in numerous applications, including smartphone displays that automatically adjust brightness and security systems that utilize vein recognition.
A Breakthrough That Cuts Blockchain Delays Nearly in Half
The idea of a fully connected digital world is quickly becoming real through the Internet of Things (IoT). This expanding network includes physical devices such as small sensors, autonomous vehicles, and industrial machines that collect and exchange data online.
Protecting this data from tampering is essential, which has led engineers to explore blockchain as a security solution. Although blockchain is widely known for its role in cryptocurrencies, its core function is as a decentralized digital ledger. Instead of data being controlled by a single organization, information is shared and maintained across many computers.