NIST SCALES BACK CVE ENRICHMENT EFFORTS
■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE
The National Institute of Standards and Technology is discontinuing enrichment of most Common Vulnerabilities and Exposures (CVEs), citing resource constraints. The move affects the majority of CVE records in its database.
■ MORE FROM THE SECURITY DESK
Microsoft has released a patch for a zero-day vulnerability in Windows Defender that could allow attackers to exhaust hard disk space. The flaw was discovered and reported by security researcher NightmareEclipse.
A software defect from 2006 triggered a cascading network failure that knocked out Telstra's national phone service Wednesday morning. The bug, related to daylight savings time processing, created a 'digital domino chain' that locked customers out across the country.
The EU Parliament is advancing legislation that would require tech companies to scan for child sexual abuse material (CSAM), reviving a proposal rejected in March. End-to-end encrypted services like WhatsApp would be exempt from the requirements.
Hackers compromised the Injective Labs SDK repository on GitHub and published a malicious package to npm that steals cryptocurrency wallet private keys and seed phrases from developers.