Telecom & crypto red flags

Researchers warn of targeted attacks against telecom infrastructure — adversaries are abusing 4G/5G and DNS to isolate regions and disrupt comms. CISOs are also flagging post‑quantum crypto risks, specifically weak Diffie‑Hellman parameters under 2048 bits, as a live vulnerability vector. (x.com) (x.com) (x.com)

A new open-source toolkit called Sni5Gect, published by the ASSET research group at SUTD and presented at USENIX Security 2025, can sniff pre‑authentication 5G NR messages and inject downlink payloads to crash devices or force downgrades from 5G to 4G. (usenix.org) The Sni5Gect codebase and reproducibility artifacts are published on GitHub and Zenodo, and the authors report over 80% sniffing accuracy and 70–90% injection success in lab tests up to about 20 meters. (github.com) (zenodo.org)

Infrastructure abuse research groups and industry coalitions have pushed DNS into the policy spotlight: the i2Coalition launched a “DNS at Risk” project documenting resolver interference and blocking trends, while the GNSO released a draft DNS‑Abuse PDP charter on March 4, 2026 to start policy work on DNS misuse. (i2coalition.com) (gnso.icann.org)

An arXiv study published in December 2025 warned that modern 5G designs’ dependence on centralized core networks creates “islands” during outages or targeted attacks, removing emergency services and broadcasts from affected regions unless operators deploy local/core‑redundant designs. (arxiv.org)

Security leaders are elevating post‑quantum migration: NIST has finalized post‑quantum standards and repeatedly flagged classical DH/ECDH as at‑risk, Cloudflare’s 2025 assessment notes X25519 is dominant today (and thus a harvest‑now, decrypt‑later target), and vulnerability management vendors are advising inventory and prioritization for PQC migration. (csrc.nist.gov) (blog.cloudflare.com) (tenable.com)

Operationally urgent: telemetry vendors and scanners grade Diffie‑Hellman primes under 2048 bits as a WARN/weak setting and vendors have documented live CVEs against DH implementations (for example CVE‑2024‑41996 in F5 products), which CISOs cite as an exploitable vector during the PQC transition. (help.bitsighttech.com) (my.f5.com)
