Unpatched Apple devices remain exposed to Sploitlight, a macOS flaw that allows unauthorized access to private user data ...

Billington Global Automotive Cybersecurity Summit panel on coordinated vulnerability disclosure programs. Credit: CSPAN Back in July 2016 at the first-ever Billington Global Automotive ...

Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to ...

Coordinated vulnerability disclosure (CVD) is a process intended to ensure that these steps occur in a way that minimizes the harm posed by vulnerable products. The Guide provides an introduction ...

Congress and the Trump Administration Must Fix a Ruling prohibiting private companies from retroactively authorizing access ...

MDIC Releases Report on Medical Device Cybersecurity, Advancing Coordinated Vulnerability Disclosure October 01, 2018 11:59 AM Eastern Daylight Time ...

Vulnerabilities don’t get fixed because we wish them away. They get fixed because someone insists that they can’t be ignored.

A white paper released March 6 by the Cybersecurity Coalition, an industry group led by former White House Senior Cybersecurity Director Ari Schwartz, recommends that organizations and governments ...

Coordinated vulnerability disclosure programs, often called “bug bounty” programs, will become much more widely adopted over the next few years. Here’s an exclusive interview with Marten ...

However, Google originally shared the vulnerability details with Microsoft on October 13, 2014, and it adheres to a strict 90-day disclosure policy. When Microsoft's 90 days were up, Google shared ...

Coordinated vulnerability disclosure policies cover all stages of the process from advertising the correct point of contact, through to the timescale for fixing any issues and recognition for any bugs ...

Experts say many factors affect the coordinated vulnerability disclosure process, which can confuse CISOs and sometimes leave them clueless about the extent of the vulnerabilities reported.