Security and Privacy – Communications of the ACM

Research and Advances Aug 27 2025

Socioeconomic Threats of Deepfakes and the Role of Cyber-Wellness Education in Defense

Malicious actors appear to be a step ahead of policymakers and educational institutions developing cyber-wellness education and enforcement programs.

Milad Taleby Ahvanooey, Wojciech Mazurczyk, and Dongwon Lee

BLOG@CACM Aug 27 2025

The Power of Digital Twins in Cybersecurity

The convergence of IT and OT systems has introduced cybersecurity risks where a single weak spot can render an entire network vulnerable.

Alex Williams

Research and Advances Aug 27 2025

Grand Challenges in Trustworthy Computing at 20: A Retrospective Look at the Second CRA Grand Challenges Conference

A historical perspective on tackling new cyber challenges and securing the future of the computing infrastructure.

Richard A. DeMillo and Eugene H. Spafford

Research Highlights Aug 21 2025

NeuroRadar: A Neuromorphic Radar Sensor for Low-Power IoT Systems

NeuroRadar provides a unique and innovative solution for radar sensing in energy-constrained IoT devices.

Kai Zheng, Kun Qian, Timothy Woodford, and Xinyu Zhang

BLOG@CACM Jul 31 2025

AI and the Democratization of Cybercrime

Offensive AI should be regulated like a controlled substance.

Alex Williams

Opinion Jul 30 2025

Deconstructing the Take It Down Act

It is easy to imagine the FTC weaponizing its newfound Take It Down Act authority as a tool of censorship and extortion.

James Grimmelmann

Opinion Jul 29 2025

Stop Using Vulnerability Counts to Measure Software Security

A project with a history of vulnerability fixes doesn't mean it is less secure.

Andy Meneely and Brandon Keller

hands holding banners with numbers, illustration

Research Highlights Jul 24 2025

SRAM Has No Chill: Exploiting Power Domain Separation to Steal On-Chip Secrets

Showing the effectiveness of a voltage-based attack that snapshots SRAM, without exposing an SoC to low temperature.

Jubayer Mahmod and Matthew Hicks

Research Highlights Jul 24 2025

Technical Perspective: Defending Data from SRAM-Based Attacks

SRAM-based attacks include recovering portions of memory from internal caches, internal RAM, and some CPU registers; attaching voltage probes that can keep SRAM powered on SoCs.

Stefan Saroiu

News Jul 21 2025

Internal Chat Logs of Ransomware Group Leaked

"Russia allows professional cybercrime gangs to operate within its borders as long as they do not cause domestic incidents."

David Geer

BLOG@CACM Jul 17 2025

Security Principles for Designing an Unhackable Crypto Wallet

Resilience requires formal rigor, verification tools, and zero-trust assumptions.

Elena Gardner

3D wallet with padlock hole and key, illustration

Opinion Jul 14 2025

Two Types of Data Privacy Controls

Precise, sensible, and easy to use terms to differentiate the two intrinsic types of privacy controls will positively impact the accuracy of privacy research and discussions.

Eman Alashwali

people walking and using cell phones in an urban environment, illustration

Opinion Jul 8 2025

Balancing Secrecy and Transparency in Bug Bounty Programs

Embracing transparency while balancing temporary secrecy can lead to a more resilient and accountable software ecosystem.

Rahul Telang and Muhammad Zia Hydari

woman holding a surreal mirror among clouds, illustration

News Jul 7 2025

AI Empowers Novices to Launch Cyberattacks

AI-powered turnkey tools turn those with little technical expertise into cyber monsters.

David Geer

BLOG@CACM Jul 3 2025

Beyond Downtime: Architectural Resilience on Hyperscalers

Essential considerations for building durable systems in the cloud era.

Azim Shaik

News Jun 18 2025

Protecting LLMs from Jailbreaks

Jailbroken LLMs behave in ways that go against their training.

Jennifer Goforth Gregory

News Jun 17 2025

The Real, Significant Threat of Shadow AI

Unsanctioned AI tools are a growing risk for organizations, especially those in highly regulated industries where security, compliance, and data integrity are critical.

Esther Shein

News Jun 12 2025

Turning Servers Against the Cloud

Attacks targeting internal metadata APIs let systems access information about settings and resources in the cloud, including network addresses and URLs.

David Geer

Opinion Jun 12 2025

AI and Trust

Integrity will be the primary security challenge for AI systems of the next decade.

Bruce Schneier

BLOG@CACM Jun 10 2025

Supply Chain Resilience Is More Important than Ever

Cascading relationships that place vendors, partners, and cloud providers into one another’s ecosystems make resilience an essential element of every node.

Alex Williams

Opinion Jun 10 2025

Beyond the Checkbox: Upgrading the Right to Opt Out

How to make the right to opt out work for everyone.

Sebastian Zimmeck

News Jun 4 2025

Homomorphic Technologies Could Process Still-Encrypted Data

Fully homomorphic encryption could stave off the security threats quantum computers pose to current encryption techniques.

Mark Halper

BLOG@CACM May 30 2025

Deleting X: Why SIGDOC Left the Platform

The platform does not embrace communication design, privacy, and trust, the group's members say.

Morgan C. Banville

BLOG@CACM May 27 2025

Is AI Security Work Best Done In Academia or Industry? Part 2

Academia benefits from the flow of fresh talent, a pristine stream that is seemingly magically, continually replenished.

Saurabh Bagchi

flowers sprout from a book, illustration

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved

Communications of the ACM (CACM) is now a fully Open Access publication.

By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.

Learn More