This new AI attack steals models without touching the system
AI models may no longer be safe behind walls, as researchers show signals from GPUs can reveal their inner design without hacking, using a small antenna and side-channel analysis from several meters away.
JimMin
A side-channel attack can reconstruct AI models from a distance using leaked signals.
Sora Shimazaki / Pexels
AI systems have long been treated like sealed black boxes, especially in areas like facial recognition and autonomous driving. New research suggests that protection isn’t as solid as assumed.
A KAIST-led team shows that AI systems can be reverse engineered remotely using emissions that leak during normal operation, without direct intrusion. Instead, the approach listens.
Using a small antenna, the researchers captured faint electromagnetic traces from GPUs and rebuilt how the system was designed. It sounds like a heist trick, but the results hold up, and the security implications are immediate.
How the side channel works
The system, called ModelSpy, collects electromagnetic output produced while GPUs handle AI workloads These traces are subtle, yet they follow patterns tied to how the architecture is arranged.
AI model structures can be stolen through walls using an antenna hidden in a bag NDSS Symposium 2026 paper by Jun Han et al.
By analyzing those patterns, the team inferred key details, including layer setups and parameter choices. Tests showed core structures could be identified with up to 97.6 percent accuracy.
The setup is what makes this unsettling. The antenna fits inside a bag and doesn’t need physical access. It worked from as far as six meters away, even through walls, across multiple GPU types. Computation itself becomes a side channel, exposing the system’s design without a traditional breach.
Why this changes AI security
This pushes AI security into less familiar territory. Most defenses focus on software exploits or network access. ModelSpy targets the physical byproducts of computation instead.
Even isolated systems could leak sensitive information if hardware emissions aren’t controlled. For companies, that architecture is often core intellectual property, which turns this into a direct business risk.
pwstudio/123RF
The work frames this as a cyber physical challenge, where defending AI now involves both digital safeguards and the surrounding environment, which raises the bar for what protection actually means.
What defenses look like now
The team also outlined ways to reduce the risk, including adding electromagnetic noise and adjusting how computations run so patterns become harder to interpret
Those fixes suggest a broader change. Securing AI may require hardware level adjustments, not just software updates, which complicates deployment for industries already locked into existing systems.
The research earned recognition at a major security conference, signaling how seriously this threat is being taken. The next exposure may not involve breaking in at all, but simply observing what systems unintentionally reveal.
Paulo Vargas is an English major turned reporter turned technical writer, with a career that has always circled back to…
This wild MacBook Neo water-cooling mod turns it into a much faster machine
A liquid-cooled MacBook Neo sounds stupid until you see the performance gains
The MacBook Neo was never meant to be a powerful laptop for heavy workloads. It was built as a simple, affordable notebook that promises decent performance and solid battery life for everyday use. It is not supposed to need custom water cooling like a gaming PC.
And yet, that is exactly what happened.
Google raises storage to 5TB at no extra cost, if you already pay for AI Pro
If you already pay for Google AI, you just got 3TB more storage for free
Google has quietly made its AI Pro plan even more useful. The company has increased the bundled storage from 2TB to 5TB without changing the monthly price. This means that users already paying around $20 per month for Google's AI tier can now get an extra 3TB of storage across Google Drive, Gmail, and Google Photos at no added cost.
AI subscriptions are easy to pitch, promising smarter chatbots and flashy generation tools. But they are much easier to justify when they also solve another practical problem people have, which is constantly running out of cloud storage.
Google Chrome’s secret loading feature could speed up browsing for you
If you’ve ever opened a webpage and wondered why it takes a second too long to settle, especially when it’s packed with videos and media, this upcoming change might finally fix that. For years, Chromium-based browsers — including Microsoft Edge and Vivaldi — have supported lazy loading. But only for images and iframes. That’s not quite the same for video and audio. But that’s about to change. Thanks to a proposal by independent developer Helmut Januschka, Chromium-based browsers are gearing up to support native lazy loading for video and audio elements as well. And while it sounds like a technical footnote, it could make browsing much smoother.
What lazy loading actually does (and why it matters)
