PC World

Open-source software projects need to improve vulnerability-handling practices, researchers say

Many open-source software developers need to improve the way in which they handle vulnerability reports, according to researchers from security firm Rapid7, who recently found and reported ...
JD Supra

What Next-Gen AI Tools Mean for European and US Cybersecurity and Privacy Regulation

Recent developments in generative artificial intelligence (AI), exemplified by the release of Anthropic’s Claude Mythos Preview, have enhanced the automated detection and exploitation of software ...
William & Mary

Atwater: Handling Vulnerability

Professor Peter Atwater, author of The Confidence Map: Charting a Path From Chaos to Clarity, offers tips on how to navigate vulnerability — for yourself and for others. Also available in printable ...
Dark Reading

Vulnerability Disclosure Deja Vu: Prosecute Crime Not Research

The recent example of a software vendor leveraging laws like the Digital Millennium Copyright Act (DMCA) to intimidate a security researcher is counterproductive. The ...

CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed servers.
Dark Reading

Inside The Vulnerability Disclosure Ecosystem

A new National Telecommunications and Information Administration (NTIA)-led study of how security researchers and software vendors handle and view vulnerability disclosure provides rare insight into ...