ENISA: Software vulnerability prevention initiatives
The European Network and Information Security Agency, ENISA, has compiled a list of existing initiatives focused on finding and preventing software vulnerabilities.
Similar Posts
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCutNG/MF print management software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-2533 (CVSS score: 8.4), is a cross-site request forgery (CSRF) bug that could
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Bys sMicrosoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as…
Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
Bys sAustrian privacy non-profit noyb (none of your business) has sent Meta’s Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to train users’ data for training its artificial intelligence (AI) models without an explicit opt-in. The move comes weeks after the social media behemoth announced…
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36. The severity of the shortcoming is lower due to…
Police disrupt “Diskstation” ransomware gang attacking NAS devices
Bys sBill Toulas reports: An international law enforcement action dismantled a Romanian ransomware gang known as ‘Diskstation,’ which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. The law enforcement operation codenamed ‘Operation Elicius’ was coordinated by Europol and also involved police forces in France and Romania. Diskstation is a ransomware operation…
Illinois Department of Human Services tightens map security after data incident
Bys sStephanie Nau reports: The Illinois Department of Human Services is notifying the public of a data security incident involving internal planning maps that were mistakenly made public from due to incorrect privacy settings. The maps were used for internal resource planning and created on a mapping website. The data included information related to some individuals in……