AI Gives ‘Problematic’ Health Advice Around Half The Time, Study Suggests
The most dangerous advice may sound most convincing.
Not as smart as the name suggests.Cellular Drawstrings Seal the Developing Brain
Researchers identified a “purse-string” mechanism powered by actin and molecular motors that physically pulls the neural tube closed during early development.
Voice morphing attack blends identities to bypass voice biometrics: study
A new research paper explores a signal-level approach to voice morphing attacks that exposes vulnerabilities in biometric voice recognition systems.
The abstract describes Time-domain Voice Identity Morphing (TD-VIM) as “a novel approach for voice-based biometric morphing” which “enables the blending of voice characteristics from two distinct identities at the signal level.” TD-VIM allows for seamless voice morphing directly in the time domain, allowing “identity blending without any embeddings from the backbone, or reference text.”
“In biometric systems, it is a common practice to associate each sample or template with a specific individual,” the authors say. Advanced Voice Identity Morphing (VIM) enables the generation of a sample that blends the identities of two or more speakers. “The morphed voice sample can be used to match all identities whose voice samples are employed to generate morphing attacks, thus posing a high risk to application scenarios, such as banking and finance, where single identity verification is essential.”
To explore the problem, the research team “created four distinct morphed signals based on morphing factors and evaluated their effectiveness using a comprehensive vulnerability analysis.” Data was benchmarked against the Generalized Morphing Attack Potential (G-MAP) metric, “measuring attack success across two deep-learning-based Speaker Verification Systems (SVS) and one commercial system, Verispeak.”
“Our targeted analysis on Verispeak highlights TD-VIM’s success rate in challenging advanced SVS defenses,” says the conclusion. “The findings underscore TD-VIM’s potential to bypass sophisticated verification measures, emphasizing the importance of enhancing SVS security.”
The research comes out of the Indian Institute of Technology and the Norwegian University of Science and Technology (NTNU).
Deezer says AI song uploads have nearly overtaken human music
Deezer says it receives nearly 75,000 AI-generated song submissions to its music streaming platform each day, accounting for about 44 percent of all daily uploads, as reported earlier by TechCrunch. Despite the increase in “fraudulent” uploads, Deezer says the consumption of AI songs makes up around 1 to 3 percent of total streams, as the […]
Many smartphones don’t detect face biometrics spoofs or properly warn consumers
Biometric liveness detection remains a significant “flaw” and a “vulnerability” of most Android smartphones with facial unlocking. Most are still prone to simplistic and low-cost spoofs available to inexpert attackers, according to an analysis by Which?.
The publication notes that iPhones are generally immune to spoofs with printed 2D photos, due to the depth-sensing capability of Face ID. Some newer Google Pixel devices were also not fooled by flat images in Which? testing.
The convenience factor of native device face biometrics is identified as such sometimes, and Which? acknowledges that “some manufacturers have made strides in providing clearer warnings during setup.”
Yet many Android smartphones do not, it says, including models from OnePlus and Motorola. OnePlus did just release a new phone with in-display 3D ultrasonic fingerprint biometrics from Qualcomm.
Which? labs has tested 208 phones since October of 2022, and found 2D printed photos were good enough spoofs to fool the face biometric unlock systems of 133 devices, or 64 percent of them.
Testing during 2025 revealed a 13 percent improvement, year-over-year, after a brutal 2024 in which the share of spoof-prone devices rose dramatically.
Samsung’s Galaxy S26 has adequate biometric presentation attack detection (PAD), Which? says, but previous models including the Galaxy S25 do not. At least the manufacturer properly warns consumers that its facial recognition is a convenience feature, rather than a high-security one.
While banking apps and digital wallets no longer accept 2D Android face biometrics as a secure authentication factor, Which? warns that users relying on face biometrics to unlock their phone risk a phone thief with their photo reading their text messages, sending emails from their account, which could allow them to reset passwords for other services, access photos and other sensitive documents and view additional information like wallet history and partial payment card information.
The publication advises all smartphone users to unlock their phones with a PIN or fingerprint biometrics. A complex PIN or password provides the “highest” security level, it says. Patterns provide the lowest, Which? says, because they are easily shoulder-surfed. Shoulder surfing is not mentioned in the password guidance.
Which? will also avoid giving “Best Buy” or “Great Value” recommendations to phones that do not adequately inform users about the limits of their face biometrics capabilities.
As for those apps that do recognize a difference between on-device convenience authentication factors and higher-security biometrics, hopefully they have strong injection attack detection (IAD).
