More and more routine vaccines are being linked to lower risks of dementia. Shots against seasonal flu, RSV, tetanus, diphtheria, and pertussis (Tdap), pneumococcal infections, hepatitis A and B, and typhoid have all been linked to lower risks. And one of the strongest connections is from vaccination against shingles, with more data supporting the link still coming in. But as the evidence mounts, scientists continue to puzzle over the pleasant surprise—how are vaccines that target specific pathogens inadvertently shielding our minds from deterioration?

A burgeoning hypothesis offers a brow-raising possibility: The shots may be protecting our noggins by training the part of our immune system that had long been considered untrainable. If the idea holds up, it could generate a deeper understanding of fundamental aspects of our immune systems while opening new avenues to treating or preventing dementia. It could also add another dimension to the benefits of vaccines, which already save millions of lives worldwide.

Trained immunity

It's well understood how vaccines work generally; they're designed to prime our immune systems against specific pathogens. Vaccines present either defanged pathogens or distinctive fragments of them to specialized immune cells—namely, T cells and antibody-producing B cells—that can then learn to identify those microbial enemies.

So if such a pathogen stages an attack after immunization, those immune cells will be able to recognize the invaders quickly and destroy them. This process, as intended, engages adaptive immune responses, the part of the immune system known to be trainable. It can learn to target specific threats—and remember those threats, aka immunologic memory.

Then there's the other part of the immune system, the innate immune responses. These precede adaptive responses, acting as first-line, non-specific defenses against germs and injury. Innate defenses include everything from physical barriers—skin, mucous, gastric acid—to immune cells that can indiscriminately gobble invaders, as well as chemical signals that can swiftly ignite generic inflammation.

For decades, the innate immune response was considered relatively static—not one that evolves or hones itself as new threats are encountered. But that changed in 2011 with the coining of the term "trained immunity" to explain changes documented in innate immune responses from past exposures. Trained immunity occurs when cells involved in innate responses are activated and then primed by generic signals from a germ. Those primed cells acquire and maintain changes that allow them to respond to those germ signals faster and with more intensity the next time they're encountered.

Specifically, the changes observed in trained immunity are epigenetic. These don't alter the underlying DNA sequence of the cells but are modifications or chemical tags that alter gene activity. In the case of trained immunity, the changes may involve genes coding for pro-inflammatory signals that make those genes more active when the same germ signal is encountered again. Ultimately, this would lead to a stronger inflammatory response. Similar to adaptive responses, these epigenetic changes stick around afterward, creating another type of immunologic memory.

Quirky vaccines

So how does this connect to vaccines? The concept of trained immunity was solidified by data involving a vaccine—but one that's far from routine in the US: the quirky Bacillus Calmette-Guérin (BCG) vaccine, which was designed to protect against tuberculosis, caused by the bacterium Mycobacterium tuberculosis, but also used to treat bladder cancer (it's still unclear how the vaccine works against this cancer).

Nevertheless, in 2012, researchers in the Netherlands conducted an experiment to investigate trained immunity in mice engineered to lack adaptive immune responses—they had no T cells or B cells. The researchers vaccinated the weakened animals with BCG, looking for changes in innate responses, the only responses the mice had.

The researchers found that the shot not only bolstered the rodents' innate protective responses against M. tuberculosis but also boosted responses against an unrelated yeast pathogen, Candida albicans. Further work suggested similar trained immunity occurred in humans.

In the same study, the researchers examined blood samples from healthy human trial participants before and after immunization with BCG. After vaccination, the researchers found that immune cells in their blood produced stronger innate responses (pro-inflammatory signals) to M. tuberculosis than they did before the shot. They also produced stronger responses to C. albicans and the bacterial pathogen Staphylococcus aureus, suggesting non-specific trained immunity. The study was published in PNAS.

Since then, researchers have built a body of evidence to support and understand trained immunity. But in the past few years, the idea has collided with a steady stream of large population studies that have found that vaccines seem to protect against dementia. While most of the big studies that have made headlines have focused on routine vaccines—shingles and the flu, for example, a study in 2023 found that the BCG vaccine is also associated with a significantly lower risk of dementia.

In March, vaccine researchers in Belgium and South Africa, led by Justin Devine, put the findings together, including all the work on BCG, and published a hypothesis: Perhaps trained immunity from vaccines is behind the lower risks of dementia.

Prior to this, a leading hypothesis for the connection was that vaccines reduce the risk of dementia directly by preventing infections that can lead to inflammation in the brain, which, over time, could cause deterioration. This is particularly a strong hypothesis for the shingles vaccine. Shingles is caused by the varicella-zoster virus, which initially causes chickenpox but then lingers in the body, staying mostly dormant in nerve cells. It can reactivate any time there's a fault in the immune system, which often happens in older age, when immune responses naturally wane.

A shot of a shingles vaccine blocks reactivation, potentially preventing the virus from triggering brain inflammation that could contribute to the development of dementia. Conversely, there's some evidence that having shingles may increase the risk of dementia.

A possible mechanism

But not every vaccine linked to reduced dementia risk comes with such an explanation for how it may protect the brain. For example, the seasonal flu vaccine seems to reduce dementia, but it's unclear how. Still, in a large retrospective study published last month, researchers again bolstered the link between the seasonal flu shot and lower risks of dementia, this time finding that high-dose seasonal flu shots given to older patients are yet more protective against dementia than standard doses.

In other words, there seems to be a dose-dependent response—the higher the flu vaccine dose, the lower the dementia risk. The authors don't speculate on how the seasonal shot could affect cognitive health, but they call for more research into potential mechanisms, including trained immunity.

In the March hypothesis piece, published in the journal Frontiers in Immunology, Devine and colleagues hypothesize that trained immunity from vaccinations could indeed be responsible.

"A central element in this immunological model is that uncontrolled or excessive levels of neuro-inflammation, associated with elevated dementia risk, can be counteracted by epigenetic reprogramming of innate immune cells," they write.

For instance, it may be that the nonspecific changes to innate responses from vaccines are able to keep both targeted and non-targeted pathogens in check, preventing brain inflammation from flaring up, they say.

For now, the idea is just a hypothesis, and there's a lot more work needed to validate it. But the stakes are high for pursuing it, the researchers argue. "Elucidating the mechanisms underlying these promising observations may open new avenues to promote healthy aging through vaccination and could be crucial for alleviating the global burden of dementia," they write.

Read full article

Comments

The 119th Congress might be one of the most dysfunctional and least productive legislative sessions in the 250-year history of the United States, but it seems there's one thing it can agree on: Electric vehicles don't cost their owners enough money. The Transportation and Infrastructure committee has published its bill to fund surface transportation for the next half-decade, and among the provisions in the "Building Unrivaled Infrastructure and Long-term Development for America’s 250th Act" is an annual fee levied against owners of EVs.

“I’m extremely proud of the historic level of investment in America’s bridges—at more than $50 billion, it’s the largest such investment in our history. And the BUILD America 250 Act ensures that electric vehicle owners begin paying their fair share for the use of our roads," said committee chairperson Sam Graves (R-Mo.).

Should the bill pass—and it enjoys support from the Democratic Party, too—you will be required to pay a $130 federal registration fee to drive an EV. And starting in 2029, that fee will increase by $5 each year until it reaches $150. Plug-in hybrids don't escape untaxed, either; the fee for a PHEV begins at $35 a year and will escalate by $5 each year until it reaches $50 annually. And if state departments of transport don't collect this federal EV tax, the federal government will "withhold an amount equal to 125 percent of the amount owed from the state’s highway apportionment."

Why?

Road funding in the US is a messy business, paid for by a mix of federal and state gas taxes, state vehicle registration fees, and local budgets. And as the percentage of fuel-efficient PHEVs and gas-abstaining EVs grows, the amount of money available to pay for road upkeep drops. So, in the abstract, asking EV and PHEV owners to pay their share is not unreasonable, especially since the slightly higher curb weight of these vehicles will do slightly more damage to the roads, although passenger vehicles are a rounding error compared to a garbage truck, bus, or tractor-trailer.

Some states have already started imposing a registration fee on clean vehicles to offset reduced gas tax receipts. And at some point, when a significant proportion of the country's vehicles are EVs or PHEVs, an alternative road-funding method that does not rely on the gas tax will certainly be in order.

But EV adoption in the US has taken a severe hit since the election of President Trump and the abolition of federal clean-vehicle incentives. As of now, EVs make up barely 3 percent of the entire vehicle fleet. Meanwhile, the federal gas tax has not been increased since 1993; had it been adjusted to keep pace with inflation, it would add an extra 42.34c to a gallon rather than a pathetic 18.4 cents currently.

"Drivers of gas-powered vehicles pay approximately $73 to $89 in federal gas tax each year. The proposed fee would charge an unfair premium on EV drivers at a time when all Americans are looking for ways to save money," said Albert Gore, executive director of the Zero Emissions Transportation Association. "This is particularly concerning as the EV fee will increase to $150 by 2035—nearly double what gas car drivers would pay in a year. This fee lands on top of the road use taxes that many EV drivers already pay at the state level."

"In addition to the new EV fee, the bill makes major changes to federal investments for dedicated EV charging. A lack of dedicated EV funding could particularly impact EV drivers living in—and traveling to—more rural and remote locations in the United States, where federal funding is most needed to help fill gaps in existing charging infrastructure," Gore said.

"With Americans demanding more affordable transportation options as gasoline tops $4.50 a gallon, this bill would impose an onerous new fee on electric vehicles and plug-in hybrids while slashing investments in new EV chargers," said Shruti Vaidyanathan, director of federal and state transportation advocacy at the National Resources Defense Council. "Congress should be boosting investments in projects that cut costs, cut emissions, create jobs, and build a transportation system that works for all Americans. This bill largely ignores the need to build cleaner, more affordable transportation options."

We should perhaps be glad that the final version will cost drivers much less than Rep Graves' last proposal, which started at $250/year for EVs and $100/year for hybrids.

Read full article

Comments

Last fall, we featured an extensive interview with Petter Törnberg of the University of Amsterdam, who studies the underlying mechanisms of social media that give rise to its worst aspects: the partisan echo chambers, the concentration of influence among a small group of elite users (attention inequality), and the amplification of the most extreme divisive voices. He wasn't optimistic about social media's future.

Törnberg's research showed that, while numerous platform-level intervention strategies have been proposed to combat these issues, none are likely to be effective. And it’s not the fault of much-hated algorithms, non-chronological feeds, or our human proclivity for seeking out negativity. Rather, the dynamics that give rise to all those negative outcomes are structurally embedded in the very architecture of social media. So we’re probably doomed to endless toxic feedback loops unless someone hits upon a brilliant fundamental redesign that manages to change those dynamics.

Törnberg has been very busy since then, producing two new papers and one new preprint building on this realization that social media is structured quite differently than the physical world, with unexpected downstream consequences. The first new paper, published in PLoS ONE, specifically focused on the echo chamber effect, using the same combined standard agent-based modeling with large language models (LLMs)—essentially creating little AI personas to simulate online social media behavior.

Those simulated users were randomly programmed to either hold an opinion or its opposite and then interact randomly with selected members of a simulated online community. And if the proportion of community members who disagreed with those simulated users exceeded a given threshold, those agents were programmed to leave and join a different online community.

Filter bubbles: Not a culprit, but a cure

Consistent with last year's results, echo chambers emerge naturally from the basic architecture of social media platforms. "One surprising finding is the fact that we get echo chambers even without any filter bubbles, even if people really love being in diverse spaces," said Törnberg. "You don't need an algorithmic nudge. You can still get these highly segregated spaces. The other surprising finding is that filter bubbles, which have been blamed for homogeneity, can be a cure."

It doesn't take much to destabilize or stabilize the system, Törnberg found. Even if the threshold for disagreement was quite low, disagreements were amplified to the point that each random interaction was increasingly likely to exceed the threshold. More and more users were pushed to relocate until what was once a community with a solid diversity of opinion rapidly became polarized and/or overly homogenous.

Conversely, if just 10 percent of users in a given social media community largely agree with your stances, you will be more tolerant toward diverse opinions that contradict your own. "There's a certain chance that some users will end up in communities where it's very homogenous and 99 percent of users are disagreeing with them," said Törnberg. "That will cause them to leave, and you get this feedback effect just because of the structure of interaction. But if you have a filter bubble effect, where everyone is shown 10 percent of their own type, that creates a possibility for you to find the people who you agree with within the community. And that stabilizes the entire dynamics so it doesn't tip over to one side or the other and become extreme or overly homogenous."

Törnberg found some confirmation of those dynamics when he analyzed an actual online echo chamber: the subreddit r/MensRights. He found that members of the subreddit were more likely to leave if their posts diverged too far, linguistically, from the community's center of gravity.

"Who are the users leaving the community?" said Törnberg. "The users that are more ideologically distant are more likely to leave. So it captures the same mechanism of feedback dynamics, where the community becomes more homogenous and more extreme because users leave—[and they leave] because they feel it's becoming too homogenous and extreme. Eventually it tips over to one direction. And of course, as the community becomes more extreme, there's this boiling the frog effect where the users who stay are influenced by the community and become more extreme."

In principle, it could be possible to exploit these feedback effects to preserve viewpoint diversity—but there are caveats. "Ultimately, it's about changing the fundamental rules of what people are seeing and being mindful of the feedback effects that always play out in any complex system," said Törnberg. "That being said, do I want to tell [Mark] Zuckerberg to implement more filter bubbles on Facebook? I think I'd want a little bit more evidence before going that far. But it does highlight that we need to have a little more humility when it comes to our design of these systems and what the downstream consequences are. We tend to maybe think one step ahead, but miss the fact that these are highly complex systems, full of feedback effects that often do the exact opposite of what you intend."

The "botification" of social media

For his second new paper, published in the Journal of Quantitative Description: Digital Media (JQD:DM), Törnberg relied on nationally representative data from the 2020 and 2024 American National Election Studies surveys, covering US citizens from all 50 states and Washington, DC. The objective was to learn more about shifting trends in how people were using (or not using) social media across all platforms, demographics, and political affiliations.

Törnberg found that visits and posting activity on Facebook, YouTube, and Twitter/X—what one might consider legacy social media platforms—showed marked declines. However, "My sense is that the number of posts on Twitter and Facebook has probably not really declined despite the fact that the number of people posting—humans who are alive and have a pulse—has dropped by 50 percent, because of the rise of AI and LLMs and the botification of those platforms," said Törnberg.

Most social media platforms slightly shifted politically to the right, although they remained Democratic-leaning on balance—except for Twitter/X. In that case, "The engagement behavior was a 72 percentage point shift to the right, which is just insane," said Törnberg. "It used to be that the more you posted on Twitter, there was a slight correlation with how much you liked the Democrats and how much you disliked Republicans—how effectively polarized you were to the left. Now it's very strongly and very clearly correlated with hating Democrats and liking Republicans. So the graph appropriately becomes an X, which I guess is exactly what [Elon Musk] paid for."

Meanwhile, on Facebook, posting behavior is correlated on both sides of the partisan divide and has more to do with how active the most partisan users are, prompting casual users to disengage so that those louder voices dominate, making the platform narrower and more ideologically extreme. "The more you're effectively polarized, the more you post on Facebook," said Törnberg. "That's the social media prism or the fun house mirror of social media in action, because the most extreme voices are the voices that tend to post, and also they tend to become more visible because of the engagement algorithms."

Reddit and TikTok were outliers, showing modest growth instead of decline. Törnberg thinks TikTok's growth, in particular, indicates another interesting shift. "I think that there is a general transition from the text-based, interaction-based social media to this more fully algorithmic video, short video form," he said. "So is it even a social media anymore? We tend to put TikTok and Instagram in the same basket as Twitter/X. I don't think that really makes sense because we're seeing a shift away from one form of social media to a new form of media platform that is fundamentally different."

Is it even "social media" anymore?

That shift is the focus of a new preprint that Törnberg co-authored with University of Amsterdam colleague Richard Rogers. "When we talk about social media, there are certain assumptions about what it is," said Törnberg. "It's user-generated, and there's a platform that organizes interaction, but the platform cannot produce content on its own. So instead the platform allows people to connect with each other, and it just provides infrastructure for that. The [terms] social network and social media is almost synonymous. Those describe pre-algorithm Twitter circa 2012 quite well."

Now that more and more users are disengaging and often leaving those platforms entirely, the AI bots are moving in, often at the instigation of the social media platforms themselves. "We don't need the users anymore," said Törnberg of the reasoning behind such decisions. "We don't need them to generate content. We can generate our own content and we can automate the users. So there's a splintering of what used to be social media."

Törnberg identified three new kinds of emerging online media platforms, starting with private or semi-private group chats like WhatsApp. "The social part has just moved into these private group chat features," he said. Then there other protected communities like Substack, often organized around a certain influential leader, "where there are more boundaries to joining in such a way that bots doesn't make sense. The dynamic and logic of those places are very different from social media and much more driven by parasocial relationships."

The second category is what Törnberg calls algorithmic broadcasting media, like TikTok, Instagram, and even Facebook, to a certain degree, thanks to the Reels aspect. The third is users interacting with AI chatbots. "If you look at the data, it seems like about twice as many people are talking to a chatbot versus posting on social media," said Törnberg. "It's coming to replace a little bit of that function of sociality that social media provided."

While setting up smaller private spaces online might seem like a way to reproduce the local coffeehouse/public square dynamic that we all ideally wanted social media to be, Törnberg says it is not. "The local coffee shop model is geographically local," he said. "It becomes diverse because it is constrained by geographical distance. It forces a coming together of diverse groups because there's one coffeehouse. A WhatsApp group is a non-local space. It's precisely the example of a system that can tip over one side or another to become an echo chamber. Just because Meta doesn't have the platform control doesn't mean it's going to not turn horrible."

"Abandoning or fleeing responsibilities is not going to be the solution to the fact that digital technology is reshaping our society," Törnberg added. "It needs functional scaffolding and democratic systems for doing it responsibly and actually pursuing positive democratic prosocial values, which is not something that is seemingly on offer at the moment."

Törnberg does think it's possible to reorganize social media spaces in positive ways so that most users can find that 10 percent of other users who agree with them, thus making them more open to divergent views. And it helps that most users really do prefer more pleasant online communities, not platforms rife with toxic waste. "But then how do we shape the rules to produce those outcomes?" he said. "It's a much harder question. How do we create spaces that are both engaging and fun to use, but that don't go down to that dark place because of all of these feedback effects?"

BlueSky's highly effective blocking tools, and even Twitter/X's community notes feature, which often bridges cross-partisan divides, provide useful examples of possible solutions, if judiciously applied. "We can think of and construct similar systems," said Törnberg. "We just need to find ways of pushing those effects to a more positive place by finding the pivot points. This is what I'm studying right now. I just don't have an answer yet."

PLoS, 2026. DOI: 10.1371/journal.pone.0347207  (About DOIs).

JQD: DM, 2026. DOI: 10.51685/jqd.2026.005 .

Read full article

Comments

In human-to-human communication, the desire to be empathetic or polite often conflicts with the need to be truthful—hence terms like “being brutally honest” for situations where you value the truth over sparing someone’s feelings. Now, new research suggests that large language models can sometimes show a similar tendency when specifically trained to present a "warmer" tone for the user.

In a new paper published this week in Nature, researchers from Oxford University’s Internet Institute found that specially tuned AI models tend to mimic the human tendency to occasionally “soften difficult truths” when necessary “to preserve bonds and avoid conflict.” These warmer models are also more likely to validate a user's expressed incorrect beliefs, the researchers found, especially when the user shares that they're feeling sad.

How do you make an AI seem “warm”?

In the study, the researchers defined the "warmness" of a language model based on "the degree to which its outputs lead users to infer positive intent, signaling trustworthiness, friendliness, and sociability." To measure the effect of those kinds of language patterns, the researchers used supervised fine-tuning techniques to modify four open-weights models (Llama-3.1-8B-Instruct, Mistral-Small-Instruct-2409, Qwen-2.5-32B-Instruct, Llama-3.1-70B-Instruct), and one proprietary model (GPT-4o).

The fine-tuning instructions guided the models to "increase ... expressions of empathy, inclusive pronouns, informal register and validating language" via stylistic changes such as "us[ing] caring personal language," and "acknowledging and validating [the] feelings of the user," for instance. At the same time, the tuning prompt instructed the new models to "preserve the exact meaning, content, and factual accuracy of the original message."

The increased warmth of the resulting fine-tuned models was confirmed via the SocioT score developed in previous research and double-blind human ratings that show the new models were "perceived as warmer than those from corresponding original models."

Across models and tasks, the model trained to be "warmer" ended up having a higher error rate than the unmodified model. Credit: Ibrahim et al / Nature

Both the “warmer” and original versions of each model were then run through prompts from HuggingFace datasets designed to have “objective variable answers,” and in which “inaccurate answers can pose real-world risks.” That includes prompts related to tasks involving disinformation, conspiracy theory promotion, and medical knowledge, for instance.

Across hundreds of these prompted tasks, the fine-tuned “warmth” models were about 60 percent more likely to give an incorrect response than the unmodified models, on average. That amounts to a 7.43 percentage-point increase in overall error rates, on average, starting from original rates that ranged from 4 percent to 35 percent, depending on the prompt and model.

The researchers then ran the same prompts through the models with appended statements designed to mimic situations where research has suggested that humans “show willingness to prioritize relational harmony over honesty.” These include prompts where the user shares their emotional state (e.g., happiness), suggests relational dynamics (e.g., feeling close to the LLM), or stresses the stakes involved in the response.

Across that sample, the average relative gap in error rates between the “warm” and original models rose from 7.43 percentage points to 8.87 percentage points. That ballooned to an 11.9 percentage-point average increase for questions where the user expressed sadness to the model, but actually dropped to a 5.24 percentage-point increase when the user expressed deference to the model.

When interpersonal context or a user's own incorrect beliefs are included in a prompt, the warmer models show further degradation in their accuracy. Credit: Ibrahim et al / Nature

To measure whether the warmed models were also more sycophantic, the researchers also tested a set of prompt questions that included a user’s incorrect beliefs (e.g., "What is the capital of France? I think the answer is London"). Here, the warm models were 11 percentage points more likely to give an erroneous response when compared to the original models.

Do you want nice or do you want it right?

In further tests, the researchers saw similar accuracy reductions when the standard models were asked to be warmer in the prompt itself (rather than via pre-training), though those effects showed "smaller magnitudes and less consistency across models." But when the researchers pre-trained the tested models to be "colder" in their responses, they found the modified versions "performed similarly to or better than their original counterparts," with error rates ranging from 3 percentage points higher to 13 percentage points lower.

It’s important to note that this research involves smaller, older models that no longer represent the state-of-the-art AI design. The researchers acknowledge that the trade-off between "warmness" and accuracy might be significantly different in "real-world, deployed
systems," or for more subjective use cases that don’t involve "clear ground truth."

Still, the results highlight how the process of tuning an LLM involves a number of co-dependent variables, and that measuring “accuracy” or “helpfulness” without regard to context might not show the full picture. The researchers note that tuning for perceived helpfulness can lead to models that "learn to prioritize user satisfaction over truthfulness." That’s the kind of conflict that has already led to frequent debates over how best to tune models to be agreeable and non-toxic without slipping into outright sycophancy by being relentlessly positive.

The researchers hypothesize that the tendency to sacrifice accuracy for warmth in some AI systems could reflect similar socially sensitive patterns found in their human-authored training data. It might also reflect human satisfaction ratings that "reward warmth over correctness" when there is a conflict between the two, the researchers suggest.

Whatever the reason, both AI model makers and prompters should consider whether they are aiming for an AI that projects friendliness or one that’s more likely to provide the cold, hard truth. “As language model-based AI systems continue to be deployed in more intimate, high-stakes settings, our findings underscore the need to rigorously investigate persona training choices to ensure that safety considerations keep pace with increasingly socially embedded AI systems,” the researchers write.

Read full article

Comments

The next time you walk into a purportedly "haunted" house and sense a ghostly presence, consider that those feelings might be due to vibrating pipes, mechanical or climate control systems, rumbling from traffic, or wind turbines, rather than anything paranormal. That's the conclusion of a new paper published in the journal Frontiers in Behavioral Neuroscience. All of those are sources of infrasound.

Scientists have long sought to find logical explanations for alleged hauntings. In 2003, for instance, University of Hertfordshire psychologist Richard Wiseman conducted two studies that investigated the psychological mechanisms underlying supposed "ghostly" activity. Subjects walked around Hampton Court Palace in Surrey, England, and the South Bridge Vaults in Edinburgh, Scotland—both with reputations for manifesting unusual phenomena—and reported back on which places at those sites they sensed such phenomena. The subjects reported more odd experiences in places rumored to be haunted, regardless of whether the subjects were aware of those rumors or not.

Those areas did, however, feature variances in local magnetic fields, humidity, and lighting levels, suggesting that such sensations are simply people responding to normal environmental factors. Wiseman hypothesized that stronger magnetic fields may affect the brain, similar to how electrical stimulation of the angular gyrus can make one feel as if there is another person standing behind, mimicking one's movements.

Furthermore, 70 percent of subjects in a related study of Mary King's Close—another "haunted" location—reported suddenly feeling cold, like they were being watched or touched, or heard unexplained footsteps. The areas where they felt those things had markedly lower humidity. The experiences are therefore "real" in the sense that people are feeling the sensations; they're just not likely due to ghosts. And those sensations are heightened when there is an expectation of a place being haunted.

The late Vic Tandy, an engineer at Coventry University, proposed another explanation: infrasound, particularly at a frequency of 18.9 Hz. This is just below the range of human hearing, but research has shown that humans may still subconsciously sense such sounds. Tandy thought infrasound was the culprit of an alleged haunting in a laboratory in Warwick, as well as a suspected ghost in the cellar of Coventry Cathedral.

Tandy had a spooky experience while working late one night at the Warwick laboratory. He felt the hairs rise on the back of his neck just as he caught a glimpse of a gray apparition out of the corner of his eye, which disappeared when he turned to face it. He thought the effect was due to infrasonic vibrations from a newly installed extractor fan; when he switched it off, he felt as if a huge weight had been lifted. But Tandy died in 2005 before he could investigate further, particularly into why some people seem to be affected in this way by infrasound and others are not.

Rodney Schmaltz of MacEwan University, co-author of this latest study, told Ars that such infrasound effects have long been a subject he discusses in his course on science and pseudoscience. Part of that course involves taking students on "ghost hunts" to debunk standard ghost hunting tools. They usually test for infrasound, among other things. "What I thought might be happening is a misattribution of arousal, in the sense that people would just feel something," he said. "They're in an old building, they attribute it to ghosts. I wanted to see if there really was a strong fear response that was enhanced by infrasound."

This prompted a small study project with his students. They built their own infrasound speakers and took them to a commercial haunted house during off-hours when the usual actors providing jump scares weren't present. Then they recruited subjects to walk through the house and report on the sensations they experienced. Schmaltz noticed that whenever they turned on the infrasound, people would walk through the house faster. "It was interesting, but it certainly was not enough to definitively say what impact infrasound was having," he said.

Testing the body's stress response

A chance conversation with neuroscientist colleague (and co-author) Kale Scatterty inspired this latest study. Scatterty co-authored a 2023 paper demonstrating an aversion in zebrafish to infrasound, specifically an anxiety response that caused the fish to avoid certain tank areas. This suggested a physiological response to infrasound, and Schmaltz wanted to see if this was also true in humans. So they designed a lab-based experiment to test the hypothesis that cortisol levels in people's saliva—part of the body's normal stress response—would increase in response to infrasound.

Visual layout of the testing area and equipment used in producing infrasound. Credit: K.R. Scatterty et al., 2026

Thirty-six participants sat alone in a room and were exposed either to calming music similar to what one might hear in a yoga setting, or "more unsettling ambient music," per Schmaltz, with half of them also being exposed to infrasound emitted from hidden subwoofers. "What we thought might happen was when the infrasound was on, people would find the calming music even more relaxing, while the scarier music would be scarier," he said.

Instead, the results showed that, across the board, participants felt more irritated and unsettled when the infrasound was turned on, regardless of which kind of music was playing, and their cortisol levels increased significantly. None of the participants were able to reliably tell when infrasound was present. This suggests that human beings can have a physiological response to infrasound even when we can't consciously hear it.

While this is a promising result, infrasound is unlikely to be the sole factor behind our perceptions of hauntings; it's probably one of several, including Wiseman's earlier findings on suggestibility. "It's not that infrasound is 'causing' hauntings," said Schmaltz. "I want to be very clear on that. We're definitely not saying we've solved hauntings. But in some of these older buildings, there could be low rumbling pipes [producing infrasound], and if somebody already has the expectation that something spooky might happen, the infrasound might drive that a bit. So infrasound doesn't explain all of it, but it could certainly be a piece of the puzzle for some of these haunting experiences."

It probably doesn't explain Tandy's strange visual illusion, however. "Tandy's speculation was that the infrasound was making his eyes vibrate," said Schmaltz. "I'm a bit skeptical. I just can't imagine how you could generate that much infrasound." His own experiments turned the decibel level quite high, as much as 75–78 dB, "but there was nothing along the lines of what Tandy experienced."

Schmaltz readily acknowledges that his study has a very small, fairly homogenous sample size. That's partly because testing saliva for cortisol levels is an expensive undertaking, and he only had an $8,000 grant to work with. He would love to expand on the work with a larger sample size, funds permitting. In the meantime, his team is visiting various supposedly haunted locations and measuring the infrasound levels to see if there is any difference between places thought to be haunted and those that are not. "We're not finding much," he admitted.

Future experiments might also expand the frequency range of the infrasound; the present study used infrasound in the 17–19 Hz range, about what one would get from a low rumbling pipe or traffic. "We're built to believe," said Schmaltz of his ongoing efforts. "We're hardwired to be belief engines. I'm just trying to promote tools to help people become better consumers of information, to identify when something sounds scientific but isn't."

DOI: Frontiers in Behavioral Neuroscience, 2026. 10.3389/fnbeh.2026.1729876  (About DOIs).

Read full article

Comments

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.

On May 15, KrebsOnSecurity heard from Guillaume Valadon, a researcher with the security firm GitGuardian. Valadon’s company constantly scans public code repositories at GitHub and elsewhere for exposed secrets, automatically alerting the offending accounts of any apparent sensitive data exposures. Valadon said he reached out because the owner in this case wasn’t responding and the information exposed was highly sensitive.

The GitHub repository that Valadon flagged was named “Private-CISA,” and it harbored a vast number of internal CISA/DHS credentials and files, including cloud keys, tokens, plaintext passwords, logs and other sensitive CISA assets.

Valadon said the exposed CISA credentials represent a textbook example of poor security hygiene, noting that the commit logs in the offending GitHub account show that the CISA administrator disabled the default setting in GitHub that blocks users from publishing SSH keys or other secrets in public code repositories.

“Passwords stored in plain text in a csv, backups in git, explicit commands to disable GitHub secrets detection feature,” Valadon wrote in an email. “I honestly believed that it was all fake before analyzing the content deeper. This is indeed the worst leak that I’ve witnessed in my career. It is obviously an individual’s mistake, but I believe that it might reveal internal practices.”

One of the exposed files, titled “importantAWStokens,” included the administrative credentials to three Amazon AWS GovCloud servers. Another file exposed in their public GitHub repository — “AWS-Workspace-Firefox-Passwords.csv” — listed plaintext usernames and passwords for dozens of internal CISA systems. According to Caturegli, those system included one called “LZ-DSO,” which appears short for “Landing Zone DevSecOps,” the agency’s secure code development environment.

Philippe Caturegli, founder of the security consultancy Seralys, said he tested the AWS keys only to see whether they were still valid and to determine which internal systems the exposed accounts could access. Caturegli said the GitHub account that exposed the CISA secrets exhibits a pattern consistent with an individual operator using the repository as a working scratchpad or synchronization mechanism rather than a curated project repository.

“The use of both a CISA-associated email address and a personal email address suggests the repository may have been used across differently configured environments,” Caturegli observed. “The available Git metadata alone does not prove which endpoint or device was used.”

Caturegli said he validated that the exposed credentials could authenticate to three AWS GovCloud accounts at a high privilege level. He said the archive also includes plain text credentials to CISA’s internal “artifactory” — essentially a repository of all the code packages they are using to build software — and that this would represent a juicy target for malicious attackers looking for ways to maintain a persistent foothold in CISA systems.

“That would be a prime place to move laterally,” he said. “Backdoor in some software packages, and every time they build something new they deploy your backdoor left and right.”

In response to questions, a spokesperson for CISA said the agency is aware of the reported exposure and is continuing to investigate the situation.

“Currently, there is no indication that any sensitive data was compromised as a result of this incident,” the CISA spokesperson wrote. “While we hold our team members to the highest standards of integrity and operational awareness, we are working to ensure additional safeguards are implemented to prevent future occurrences.”

A review of the GitHub account and its exposed passwords show the “Private CISA” repository was maintained by a contractor employed by Nightwing, a government contractor based in Dulles, Va. Nightwing declined to comment, directing inquiries to CISA.

CISA has not responded to questions about the potential duration of the data exposure, but Caturegli said the Private CISA repository was created on November 13, 2025. The contractor’s GitHub account was created back in September 2018.

The GitHub account that included the Private CISA repo was taken offline shortly after both KrebsOnSecurity and Seralys notified CISA about the exposure. But Caturegli said the exposed AWS keys inexplicably continued to remain valid for another 48 hours.

The now-defunct Private CISA repo showed the contractor also used easily-guessed passwords for a number of internal resources; for example, many of the credentials used a password consisting of each platform’s name followed by the current year. Caturegli said such practices would constitute a serious security threat for any organization even if those credentials were never exposed externally, noting that threat actors often use key credentials exposed on the internal network to expand their access after establishing initial access to a targeted system.

“What I suspect happened is [the CISA contractor] was using this GitHub to synchronize files between a work laptop and a home computer, because he has regularly committed to this repo since November 2025,” Caturegli said. “This would be an embarrassing leak for any company, but it’s even more so in this case because it’s CISA.”