News

Unpatched Apple devices remain exposed to Sploitlight, a macOS flaw that allows unauthorized access to private user data ...
Billington Global Automotive Cybersecurity Summit panel on coordinated vulnerability disclosure programs. Credit: CSPAN. Back in July 2016 at the first-ever Billington Global Automotive ...
Coordinated vulnerability disclosure (CVD) is a process intended to ensure that these steps occur in a way that minimizes the harm posed by vulnerable products. The Guide provides an introduction ...
Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to ...
Coordinated vulnerability disclosure programs, often called “bug bounty” programs, will become much more widely adopted over the next few years. Here’s an exclusive interview with Marten ...
A white paper released March 6 by the Cybersecurity Coalition, an industry group led by former White House Senior Cybersecurity Director Ari Schwartz, recommends that organizations and governments ...
Congress and the Trump Administration Must Fix a Ruling prohibiting private companies from retroactively authorizing access ...
Vulnerabilities don’t get fixed because we wish them away. They get fixed because someone insists that they can’t be ignored.
Experts say many factors affect the coordinated vulnerability disclosure process, which can confuse CISOs and sometimes leave them clueless about the extent of the vulnerabilities reported.
The FTC also noted that the Template offers companies “an adaptable model for implementing a vulnerability disclosure policy appropriately tailored to the company’s size and resources.” ...
Microsoft recently started talking about something called "coordinated vulnerability disclosure," a renewed attempt to reshape the responsible disclosure argument. eEye started out embracing full ...