Tag: Dark Reading

  • Dark Reading Confidential: Funding the CVE Program of the Future – Podcast

    Dark Reading Confidential: Funding the CVE Program of the Future – Podcast

    For the July 31, 2025 episode of Dark Reading Confidential, I joined Bugcrowd’s Trey Ford and Adam Shostack to discuss the future of CVE, specifically around funding or the potential lack thereof. It was a great discussion and the three of us largely agreed on matters. Trey and I had some minor disagreements that we…

  • ChatGPT Exploited by Threat Actors, Doom and Gloom! Or not.

    ChatGPT Exploited by Threat Actors, Doom and Gloom! Or not.

    After years of chasing down typos in CVE IDs, now we all have to contend with poorly researched headlines and apparent to me ambulance chasing over mistaken product names. If you missed the news, threat actors are exploiting a vulnerability in ChatGPT! This is obviously a huge warning and we should all be afraid because…

  • Two Definitions of Zero Day Apparently

    Two Definitions of Zero Day Apparently

    What is a “zero day vulnerability”? It’s a term that is frequently used in the vulnerability disclosure ecosystem. I have blogged on this topic frequently and reading some of this will give more history and context, so I won’t rehash everything. If you read one blog, make it “No One Will Burn A Zero Day…

  • Rebuttal: Dark Reading’s “9” Sources for Tracking New Vulnerabilities

    [This was originally published on the OSVDB blog.] Earlier today, Sean Martin published an article on Dark Reading titled “9 Sources For Tracking New Vulnerabilities“. Spanning 10 pages, likely for extra ad revenue, the sub-title reads: Keeping up with the latest vulnerabilities — especially in the context of the latest threats — can be a…