Security and Privacy – Communications of the ACM

Practice Sep 19 2025

Fifty Years of Open Source Software Supply-Chain Security

Problems with software supply-chain security are fundamental and have no easy answers.

Russ Cox

BLOG@CACM Sep 16 2025

Strengthening Enterprise Quantum Security

The clock isn’t ready to strike midnight on outdated encryption, but it’s ticking louder every day.

Carl Torrance

Arab World Regional Special Section Sep 15 2025

Cybersecurity in The Arab World: Technological and Socio-Political Dimensions

A cooperative strategy could position the Arab World as an influential contributor to global cybersecurity and AI development.

News Sep 10 2025

The Pros and Cons of Zero Trust

Implementations are complex, resource-intensive, and involve high costs.

David Geer

thumbs up and thumbs down with zero trust icon

News Sep 8 2025

Fooling You, Fooling Me

Illusions provide a way to study compositional generation and understand how machine learning models generate images.

Sandrine Ceurstemont

BLOG@CACM Sep 4 2025

Social Engineering 2.0

AI is the ultimate force multiplier for cybercriminals, making scams cheaper, faster, and more convincing.

Gaurav Belani

BLOG@CACM Sep 3 2025

Spotting Scams Based on Fake Profiles

A lack of awareness of how scammers operate keeps them just a click away, ready to steal your money, identity, and sensitive information.

Alex Tray

Research and Advances Aug 27 2025

Socioeconomic Threats of Deepfakes and the Role of Cyber-Wellness Education in Defense

Malicious actors appear to be a step ahead of policymakers and educational institutions developing cyber-wellness education and enforcement programs.

Milad Taleby Ahvanooey, Wojciech Mazurczyk, and Dongwon Lee

BLOG@CACM Aug 27 2025

The Power of Digital Twins in Cybersecurity

The convergence of IT and OT systems has introduced cybersecurity risks where a single weak spot can render an entire network vulnerable.

Alex Williams

Research and Advances Aug 27 2025

Grand Challenges in Trustworthy Computing at 20: A Retrospective Look at the Second CRA Grand Challenges Conference

A historical perspective on tackling new cyber challenges and securing the future of the computing infrastructure.

Richard A. DeMillo and Eugene H. Spafford

Research Highlights Aug 21 2025

NeuroRadar: A Neuromorphic Radar Sensor for Low-Power IoT Systems

NeuroRadar provides a unique and innovative solution for radar sensing in energy-constrained IoT devices.

Kai Zheng, Kun Qian, Timothy Woodford, and Xinyu Zhang

BLOG@CACM Jul 31 2025

AI and the Democratization of Cybercrime

Offensive AI should be regulated like a controlled substance.

Alex Williams

Opinion Jul 30 2025

Deconstructing the Take It Down Act

It is easy to imagine the FTC weaponizing its newfound Take It Down Act authority as a tool of censorship and extortion.

James Grimmelmann

Opinion Jul 29 2025

Stop Using Vulnerability Counts to Measure Software Security

A project with a history of vulnerability fixes doesn't mean it is less secure.

Andy Meneely and Brandon Keller

hands holding banners with numbers, illustration

Research Highlights Jul 24 2025

SRAM Has No Chill: Exploiting Power Domain Separation to Steal On-Chip Secrets

Showing the effectiveness of a voltage-based attack that snapshots SRAM, without exposing an SoC to low temperature.

Jubayer Mahmod and Matthew Hicks

Research Highlights Jul 24 2025

Technical Perspective: Defending Data from SRAM-Based Attacks

SRAM-based attacks include recovering portions of memory from internal caches, internal RAM, and some CPU registers; attaching voltage probes that can keep SRAM powered on SoCs.

Stefan Saroiu

News Jul 21 2025

Internal Chat Logs of Ransomware Group Leaked

"Russia allows professional cybercrime gangs to operate within its borders as long as they do not cause domestic incidents."

David Geer

BLOG@CACM Jul 17 2025

Security Principles for Designing an Unhackable Crypto Wallet

Resilience requires formal rigor, verification tools, and zero-trust assumptions.

Elena Gardner

3D wallet with padlock hole and key, illustration

Opinion Jul 14 2025

Two Types of Data Privacy Controls

Precise, sensible, and easy to use terms to differentiate the two intrinsic types of privacy controls will positively impact the accuracy of privacy research and discussions.

Eman Alashwali

people walking and using cell phones in an urban environment, illustration

Opinion Jul 8 2025

Balancing Secrecy and Transparency in Bug Bounty Programs

Embracing transparency while balancing temporary secrecy can lead to a more resilient and accountable software ecosystem.

Rahul Telang and Muhammad Zia Hydari

woman holding a surreal mirror among clouds, illustration

News Jul 7 2025

AI Empowers Novices to Launch Cyberattacks

AI-powered turnkey tools turn those with little technical expertise into cyber monsters.

David Geer

BLOG@CACM Jul 3 2025

Beyond Downtime: Architectural Resilience on Hyperscalers

Essential considerations for building durable systems in the cloud era.

Azim Shaik

News Jun 18 2025

Protecting LLMs from Jailbreaks

Jailbroken LLMs behave in ways that go against their training.

Jennifer Goforth Gregory

News Jun 17 2025

The Real, Significant Threat of Shadow AI

Unsanctioned AI tools are a growing risk for organizations, especially those in highly regulated industries where security, compliance, and data integrity are critical.

Esther Shein

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved

Communications of the ACM (CACM) is now a fully Open Access publication.

By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.

Learn More