Researchers Find Computer Mice Can Spy On Conversations - 1

Image by Rebekah Yip, from Unsplash

Researchers Find Computer Mice Can Spy On Conversations

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Researchers have uncovered a new cyber risk called “Mic-E-Mouse,” showing that everyday computer mice can record speech by detecting surface vibrations.

In a rush? Here are the quick facts:

  • It uses optical sensors to capture desk vibrations and reconstruct speech.
  • The attack reached 80% speaker recognition accuracy in tests.
  • Even cheap mice under $50 are vulnerable to this spying method.

A new study titled has revealed a startling security risk—modern computer mice can be exploited to secretly record conversations. Researchers found that high-performance optical sensors used in consumer-grade mice can pick up sound vibrations from a desk surface and turn them into intelligible audio.

According to the study, “Attackers can exploit these sensors’ ever-increasing polling rate and sensitivity to emulate a makeshift microphone and covertly eavesdrop on unsuspecting users.” The technique, called Mic-E-Mouse, uses signal processing and machine learning to reconstruct speech from the faint vibrations detected by the mouse’s optical sensor.

The researchers tested Mic-E-Mouse using popular datasets like VCTK and AudioMNIST, achieving an SI-SNR increase of +19 dB, 80% speaker recognition accuracy, and a word error rate (WER) of 16.79%. These results suggest that even basic mice priced under $50 could be repurposed for audio spying.

“With only a vulnerable mouse, and a victim’s computer running compromised or even benign software, we show that it is possible to collect mouse packet data and extract audio waveforms,” the authors explained.

The data collection process is “invisible to the average user,” allowing attackers to record without raising suspicion.

The research warns that video games and creative software are ideal delivery vehicles for such exploits, as they naturally collect high-frequency mouse data and include networking functions that can exfiltrate the information unnoticed.

Ultimately, the team concludes that “auditory surveillance through high-performance optical sensors is now possible, effective, and performant.”

As optical sensor technology continues to improve, they warn that this unexpected form of spying could become more accessible and widespread—turning an ordinary computer mouse into an unlikely eavesdropping device.

Hackers Exploit Critical GoAnywhere File Transfer Flaw To Deploy Medusa Ransomware - 2

Image by Nahel Hadi, from Unsplash

Hackers Exploit Critical GoAnywhere File Transfer Flaw To Deploy Medusa Ransomware

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Hackers are exploiting a severe GoAnywhere Managed File Transfer flaw to execute remote code, steal data, and deploy Medusa ransomware.

In a rush? Here are the quick facts:

  • Hackers can remotely execute code using forged license response signatures.
  • Cybercrime group Storm-1175 exploited the flaw to deploy Medusa ransomware.
  • Exploitation doesn’t require authentication on Internet-exposed systems.

Microsoft has released a warning about attackers actively using CVE-2025-10035 to exploit a severe vulnerability in GoAnywhere Managed File Transfer (MFT), which researchers say holds a maximum severity rating of 10.0.

The flaw allows hackers to take control of servers, and execute remote code, by sending forged license responses to the platform’s License Servlet.

According to Microsoft Threat Intelligence, a cybercriminal group called Storm-1175, known for using Medusa ransomware, has been exploiting the flaw in real-world attacks since September 11, 2025.

“The vulnerability could allow a threat actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection and potential remote code execution (RCE),” according to Microsoft.

The bug affects GoAnywhere MFT Admin Console versions up to 7.8.3, and exploitation doesn’t require authentication, making Internet-exposed systems particularly vulnerable.

Attackers use SimpleHelp and MeshAgent remote monitoring tools to gain system access and create .jsp files in MFT directories for staying inside the system.

The attackers perform network discovery using netscan followed by lateral movement through mstsc.exe before executing Medusa ransomware attacks.

Microsoft says attackers also used Cloudflare tunnels to hide their command-and-control (C2) communications and Rclone for data theft. “Ultimately, in one compromised environment, the successful deployment of Medusa ransomware was observed,” the report stated.

The company needs users to run system updates right away following Fortra’s recommended steps because security updates do not eliminate active malware. “Review of the impacted system may be required,” Microsoft said.

Businesses should block server Internet access and enable multi-factor authentication according to security experts who want to use Microsoft Defender External Attack Surface Management for identifying exposed systems.

Microsoft Defender protects users from this vulnerability through its detection and blocking features which stop attackers from exploiting the vulnerability against customers.