AIRSNITCH is a new set of attack techniques disclosed by Unit 42 that can breach Wi‑Fi protections by targeting the wireless infrastructure itself, not just individual devices. The researchers say WPA2 and WPA3‑Enterprise remain widely deployed and that AirSnitch exploits weaknesses in the interaction between encryption, switching and routing layers, potentially allowing attackers to intercept traffic or inject packets across multiple APs and network segments.
The threats include Gateway Bouncing, Port Stealing and Broadcast Reflection, which can bypass client isolation at both the MAC and IP layers and even enable cross‑AP attacks that leak traffic from one location to another. The NDSS Symposium 2026 was the venue for the research, and the article urges organisations to move beyond vendor‑specific fixes toward holistic security measures such as robust network segmentation and spoofing prevention, alongside per‑client GTKs and device‑to‑device encryption like MACsec.
It also provides practical mitigations, including VLANs, disabling downstream group‑addressed forwarding, and securing RADIUS and VPN configurations to reduce attack surfaces. According to NDSS Symposium 2026, the goal is to standardise and strengthen security across modern Wi‑Fi networks to protect both insiders and external attackers.