This is way beyond my understanding of low level networking protocols but it seems very alarming.
Research paper presented on February 25 at the 2026 Network and Distributed System Security Symposium (NDSS Symposium) that describes AirSnitch:
I’m still processing the news. At a first read-through, it is a serious matter. I suspect that today a lot of security people are re-evaluating how they have their enterprise guest networks set up, along with their generalized VLAN architectures.
Unless you are a “high-value” target, I don’t think you need to panic about your home networks right now, but definitely be on the lookout for firmware upgrades for your routers and access points. If you are using devices that are no longer supported (AirPort, anyone?) you should give serious consideration to upgrading your hardware as soon as mitigations are available.
From the article, it sounds like it will be difficult to mitigate the vulnerability completely in many environments without serious effort. Interesting times.
(Tangentially related: if you have teenagers or other kids in your home, you should keep an eye on what is connected to your network. Kids often don’t care at all about network security, so don’t be surprised if every kid who has set foot in your house has a device that automatically connects to your private home network when in range, never mind your guest network.)
I read the article yesterday as well as all the comments. My conclusion is I am not going to worry about this on my home network. And I never use public WiFi.
Ironically, I was reading this article the other day on my iPad while I was using public WiFi (at a location where mobile data was poor - I would have used that otherwise) and I was using Tailscale as a VPN to direct all traffic through one of my Mac minis at home. (And promptly forgot to turn off the exit node when I got back home 
). I usually do this at public WiFi locations, and now I’ll definitely keep doing it.
That said, so far I have just skimmed this article.
I think this is critical if you are operating a network that is open to the public (coffee shop, concert venue, ISP access-point) or have too many users to be able to trust them all (enterprise network, school).
For those networks, somebody who is authorized to connect can spy on and interfere with other users on that network, or on networks sharing the same access point. Until this problem is fixed (which might require a new security protocol), don’t do anything sensitive on such a network without application-level security like HTTPS or a VPN.
For your home network, set up good passwords and make sure you don’t grant them to untrusted people. And if you set up a guest network, keep it secure as well - don’t leave it open to the world. And consider changing the guest network password after your guests go home.
Also, if your ISP is using your router as Internet gateway access for their other customers (e.g., XFinity Wi-Fi Hotspot), turn it off.