Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous

The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware – maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of these applications. While prior research warned about a potential shift in the threat landscape for LLM-powered applications, the risk posed by Promptware is frequently perceived as low. In this paper, we investigate the risk Promptware poses to users of Gemini-powered assistants (web application, mobile application, and Google Assistant). We propose a novel Threat Analysis and Risk Assessment (TARA) framework to assess Promptware risks for end users. Our analysis focuses on a new variant of Promptware called Targeted Promptware Attacks, which leverage indirect prompt injection via common user interactions such as emails, calendar invitations, and shared documents. We demonstrate 14 attack scenarios applied against Gemini-powered assistants across five identified threat classes: Short-term Context Poisoning, Permanent Memory Poisoning, Tool Misuse, Automatic Agent Invocation, and Automatic App Invocation. These attacks highlight both digital and physical consequences, including spamming, phishing, disinformation campaigns, data exfiltration, unapproved user video streaming, and control of home automation devices. We reveal Promptware’s potential for on-device lateral movement, escaping the boundaries of the LLM-powered application, to trigger malicious actions using a device’s applications. Our TARA reveals that 73% of the analyzed threats pose High-Critical risk to end users. We discuss mitigations and reassess the risk (in response to deployed mitigations) and show that the risk could be reduced significantly to Very Low-Medium. We disclosed our findings to Google, which deployed dedicated mitigations.

Source: [2508.12175] Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous

AI & Humans: Making the Relationship Work

Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers attempting to add AI agents to existing human teams may find that bots fail to faithfully follow their instructions, return pointless or obvious results or burn precious time and resources spinning on tasks that older, simpler systems could have accomplished just as well.

The technical innovators getting the most out of AI are finding that the technology can be remarkably human in its behavior. And the more groups of AI agents are given tasks that require cooperation and collaboration, the more those human-like dynamics emerge.

Our research suggests that, because of how directly they seem to apply to hybrid teams of human and digital workers, the most effective leaders in the coming years may still be those who excel at understanding the timeworn principles of human management.

We have spent years studying the risks and opportunities for organizations adopting AI. Our 2025 book, Rewiring Democracy, examines lessons from AI adoption in government institutions and civil society worldwide. In it, we identify where the technology has made the biggest impact and where it fails to make a difference. Today, we see many of the organizations we’ve studied taking another shot at AI adoption—this time, with agentic tools. While generative AI generates, agentic AI acts and achieves goals such as automating supply chain processes, making data-driven investment decisions or managing complex project workflows. The cutting edge of AI development research is starting to reveal what works best in this new paradigm.

[…]

Key Takeaways

Managers of hybrid teams can apply these ideas to design their own complex systems of human and digital workers:

DELEGATE.

Analyze the tasks in your workflows so that you can design a division of labour that plays to the strength of each of your resources. Entrust your most experienced humans with the roles that require context and judgment and entrust AI models with the tasks that need to be done quickly or benefit from extreme parallelization.

If you’re building a hybrid customer service organization, let AIs handle tasks like eliciting pertinent information from customers and suggesting common solutions. But always escalate to human representatives to resolve unique situations and offer accommodations, especially when doing so can carry legal obligations and financial ramifications. To help them work together well, task the AI agents with preparing concise briefs compiling the case history and potential resolutions to help humans jump into the conversation.

ITERATE.

AIs will likely underperform your top human team members when it comes to solving novel problems in the fields in which they are expert. But AI agents’ speed and parallelization still make them valuable partners. Look for ways to augment human-led explorations of new territory with agentic AI scouting teams that can explore many paths for them in advance.

Hybrid software development teams will especially benefit from this strategy. Agentic coding AI systems are capable of building apps, autonomously making improvements to and bug-fixing their code to meet a spec. But without humans in the loop, they can fall into rabbit holes. Examples abound of AI-generated code that might appear to satisfy specified requirements, but diverges from products that meet organizational requirements for security, integration or user experiences that humans would truly desire. Take advantage of the fast iteration of AI programmers to test different solutions, but make sure your human team is checking its work and redirecting the AI when needed.

SHARE.

Make sure each of your hybrid team’s outputs are accessible to each other so that they can benefit from each other’s work products. Make sure workers doing hand-offs write down clear instructions with enough context that either a human colleague or AI model could follow. Anthropic found that AI teams benefited from clearly communicating their work to each other, and the same will be true of communication between humans and AI in hybrid teams.

MEASURE AND IMPROVE.

Organizations should always strive to grow the capabilities of their human team members over time. Assume that the capabilities and behaviors of your AI team members will change over time, too, but at a much faster rate. So will the ways the humans and AIs interact together. Make sure to understand how they are performing individually and together at the task level, and plan to experiment with the roles you ask AI workers to take on as the technology evolves.

An important example of this comes from medical imaging. Harvard Medical School researchers have found that hybrid AI-physician teams have wildly varying performance as diagnosticians. The problem wasn’t necessarily that the AI has poor or inconsistent performance; what mattered was the interaction between person and machine. Different doctors’ diagnostic performance benefited—or suffered—at different levels when they used AI tools. Being able to measure and optimize those interactions, perhaps at the individual level, will be critical to hybrid organizations.

In Closing

We are in a phase of AI technology where the best performance is going to come from mixed teams of humans and AIs working together. Managing those teams is not going to be the same as we’ve grown used to, but the hard-won lessons of decades past still have a lot to offer.

This essay was written with Nathan E. Sanders, and originally appeared in Rotman Management Magazine.

Source: AI & Humans: Making the Relationship Work – Schneier on Security

Phonon laser created for tiny surface acoustic wave (SAW) sensors

Engineers have taken a major step toward producing the smallest earthquakes ever created, shrinking seismic-style vibrations down to the scale of a microchip.

The breakthrough centers on a device called a surface acoustic wave phonon laser. The technology could eventually enable more advanced chips for smartphones and other wireless electronics, helping make them smaller, faster, and more energy efficient.

The research was led by Matt Eichenfield, an incoming faculty member at the University of Colorado Boulder, along with scientists from the University of Arizona and Sandia National Laboratories. Their findings were published Jan. 14 in the journal Nature.

What Are Surface Acoustic Waves?

The new device relies on surface acoustic waves, commonly known as SAWs. These waves behave somewhat like sound waves, but instead of traveling through the air or deep inside a material, they move only along its surface.

[…]

“SAWs devices are critical to many of the world’s most important technologies,” said Eichenfield, senior author of the new study and Gustafson Endowed Chair in Quantum Engineering at CU Boulder. “They’re in all modern cell phones, key fobs, garage door openers, most GPS receivers, many radar systems and more.”

[…]

Most existing SAW systems require two separate chips and an external power source. The new design combines everything into a single chip and could operate using just a battery while reaching much higher frequencies.

[…]

the team built a bar-shaped device about half a millimeter long.

A Stack of Specialized Materials

The device consists of several layered materials. At its base is silicon, the same material used in most computer chips. Above that sits a thin layer of lithium niobate, a piezoelectric material. When lithium niobate vibrates, it produces oscillating electric fields, and those electric fields can also trigger vibrations.

The final layer is an extremely thin sheet of indium gallium arsenide. This material has unusual electronic properties and can accelerate electrons to very high speeds even under weak electric fields.

Together, these layers allow vibrations traveling along the lithium niobate surface to interact directly with fast-moving electrons in the indium gallium arsenide.

Making Waves Build Like a Laser

The researchers describe the device as working similarly to a wave pool.

When electric current flows through the indium gallium arsenide, surface waves form in the lithium niobate layer. These waves travel forward, strike a reflector, and then move backward, much like light reflecting between mirrors in a laser. Each forward pass strengthens the wave, while each backward pass weakens it.

“It loses almost 99% of its power when it’s moving backward, so we designed it to get a substantial amount of gain moving forward to beat that,” Wendt said.

After repeated passes, the vibrations grow strong enough that a portion escapes from one side of the device, similar to how laser light eventually exits its cavity.

Faster Waves, Smaller Devices

Using this approach, the team generated surface acoustic waves vibrating at about 1 gigahertz, meaning billions of oscillations per second. The researchers believe the same design could be pushed into tens or even hundreds of gigahertz.

Traditional SAW devices typically max out at around 4 gigahertz, making the new system far faster.

[…]

Source: Engineers just created a “phonon laser” that could shrink your next smartphone | ScienceDaily

To find out what SAWs are used for and how they work, check out: Trends and Applications of Surface and Bulk Acoustic Wave Devices: A Review

A lot of the applications are in MEMS (Micro-Electro-Mechanical Systems) chips and signal filtering.

It seems to me that the biggest innovation must be that they reduced the spatial periodicity, allowing for a much higher frequency (see formula 1 in the above link).

[…] acoustic devices, especially FBARs, represent a broad market as RF filters, compared with conventional electromagnetic devices, thanks to much slower propagation velocity allowing for shorter wavelength and, thus, easy miniaturization and integration into circuits. We then presented another important field of applications of SAW and BAW/FBARs, namely as sensors and actuators. A section was dedicated for their application as physical sensors. Examples of their use for magnetic field, pressure, and temperature monitoring and detection were illustrated. In addition, their application in other fields such as mechanical (in automotive) and orientation measurements were presented. Some examples of SAW-based motors and actuators were also introduced. We then focused on SAW/BAW-based biochemical sensors, which are receiving increasing attention in the research field. Indeed, because of their performances, among them a high sensitivity, a versatile feature that makes them easily functionalized for selectivity, and low cost, they are widely used for gas, liquid, bio-sensing, etc. The sensing applications are still under development, with a rising demand especially for biosensors, since health concerns are more than ever a major topic. As of now, SAW and FBAR devices show a very good capacity for sensing DNA, RNA, proteins, and a wide variety of other bio-compounds. With the COVID-19 pandemic, several biosensors based on SAW and FBAR devices are also reported for the detection of SARS-CoV-2 virus and application for living-matter monitoring is under development, which could be helpful for fast screening of therapeutic nanodrugs, for example. Lastly, we presented current trends related to quantum acoustics, which studies the behavior of phonons and their interactions, as opportunities for new schemes to control quantum information and explore atomic physics beyond photonic systems[…]