2026.07.07 12:00:45 (Mastodon 116878583118050970, Twitter 2074463640166756787) from Daniel J. Bernstein:
There are continual advances in lattice attacks (see https://blog.cr.yp.to/20260630-risk.html) but I don't think https://eprint.iacr.org/2026/1364 qualifies as one of them: it's basically just standard enumeration (picking a random node in the enumeration tree) after standard sieving as preprocessing.