Security and Privacy – Communications of the ACM

BLOG@CACM Jul 17 2025

Security Principles for Designing an Unhackable Crypto Wallet

Resilience requires formal rigor, verification tools, and zero-trust assumptions.

Elena Gardner

3D wallet with padlock hole and key, illustration

Opinion Jul 14 2025

Precise, sensible, and easy to use terms to differentiate the two intrinsic types of privacy controls will positively impact the accuracy of privacy research and discussions.

Eman Alashwali

people walking and using cell phones in an urban environment, illustration

Opinion Jul 8 2025

Balancing Secrecy and Transparency in Bug Bounty Programs

Embracing transparency while balancing temporary secrecy can lead to a more resilient and accountable software ecosystem.

Rahul Telang and Muhammad Zia Hydari

woman holding a surreal mirror among clouds, illustration

News Jul 7 2025

AI Empowers Novices to Launch Cyberattacks

AI-powered turnkey tools turn those with little technical expertise into cyber monsters.

David Geer

BLOG@CACM Jul 3 2025

Beyond Downtime: Architectural Resilience on Hyperscalers

Essential considerations for building durable systems in the cloud era.

Azim Shaik

News Jun 18 2025

Protecting LLMs from Jailbreaks

Jailbroken LLMs behave in ways that go against their training.

Jennifer Goforth Gregory

News Jun 17 2025

The Real, Significant Threat of Shadow AI

Unsanctioned AI tools are a growing risk for organizations, especially those in highly regulated industries where security, compliance, and data integrity are critical.

Esther Shein

News Jun 12 2025

Turning Servers Against the Cloud

Attacks targeting internal metadata APIs let systems access information about settings and resources in the cloud, including network addresses and URLs.

David Geer

Opinion Jun 12 2025

AI and Trust

Integrity will be the primary security challenge for AI systems of the next decade.

Bruce Schneier

BLOG@CACM Jun 10 2025

Supply Chain Resilience Is More Important than Ever

Cascading relationships that place vendors, partners, and cloud providers into one another’s ecosystems make resilience an essential element of every node.

Alex Williams

Opinion Jun 10 2025

Beyond the Checkbox: Upgrading the Right to Opt Out

How to make the right to opt out work for everyone.

Sebastian Zimmeck

News Jun 4 2025

Homomorphic Technologies Could Process Still-Encrypted Data

Fully homomorphic encryption could stave off the security threats quantum computers pose to current encryption techniques.

Mark Halper

BLOG@CACM May 30 2025

Deleting X: Why SIGDOC Left the Platform

The platform does not embrace communication design, privacy, and trust, the group's members say.

Morgan C. Banville

BLOG@CACM May 27 2025

Is AI Security Work Best Done In Academia or Industry? Part 2

Academia benefits from the flow of fresh talent, a pristine stream that is seemingly magically, continually replenished.

Saurabh Bagchi

flowers sprout from a book, illustration

Research and Advances May 27 2025

Malicious AI Models Undermine Software Supply-Chain Security

Trusted repositories, cryptographic validation, and controlled access can help organizations mitigate risks associated with malicious AI models.

Aditya K. Sood and Sherali Zeadally

BLOG@CACM May 19 2025

A Growing Concern in Cybersecurity

A proactive, continuous approach to cybersecurity is key to protecting systems from the evolving threat of zero-day exploits.

Alex Tray

BLOG@CACM May 15 2025

Is AI Security Work Best Done In Academia or Industry? Part 1

Many groundbreaking advances in AI research are coming from industry; the source for AI security advances is less clear.

Saurabh Bagchi

road sign arrows pointing to industry and academia

BLOG@CACM Apr 29 2025

Unlocking Offensive Security to Stay Ahead of Cyber Threats

Actively identifying and eliminating vulnerabilities by thinking like an attacker has become essential.

Alex Vakulov

Opinion Apr 29 2025

Fighting Crime Online

Judicial website blocking has several desirable properties in fighting online criminal activities, and could be used safely and effectively in the U.S.

Brett Danaher, Jonathan Hersh, Michael D. Smith, and Rahul Telang

hand in stop sign indicates halt on laptop computer screen

Research and Advances Apr 24 2025

Ransomware: Extortion Is My Business

A look at ransomware, its ecosystems, the impact of its attacks, and the tactics of its attackers.

Jean-Yves Marion

diamond black hat-shaped cuff links on a laptop computer

BLOG@CACM Apr 17 2025

The Rise of Adaptive Phishing: When AI Learns to Manipulate

Tailored phishing messages that appeal directly to the target's interests or match the tone of a trusted contact are harder to spot than traditional phishing.

Alex Williams

smiley face on smartphone and fishing hooks

News Apr 14 2025

AI and Cybersecurity

AI is being used to open, and close, vulnerable points in production systems.

David Geer

News Apr 7 2025

Behind the Bybit Crypto Theft

Experts tracked hacked funds across 12 different blockchains, while law enforcement agencies globally coordinated the efforts.

David Geer

BLOG@CACM Mar 28 2025

Privacy Washing through PETs: the Case of Worldcoin

The computing community should prevent the use of PETs (privacy enhancing technologies) for privacy washing.

Kris Shrishak

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved

Communications of the ACM (CACM) is now a fully Open Access publication.

By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.

Learn More