FCC prohibits new foreign router models citing critical infrastructure risks
Thursday, April 9, 2026 by Russ Scritchfield
The Federal Communications Commission has updated its Covered List to include all consumer grade routers produced in foreign countries. This action restricts approval of new device models that could enter the United States market without sufficient safeguards. The step reflects a coordinated national security determination by Executive Branch experts that certain router...
Safe c plus plus proposal abandoned after community pushback
Tuesday, November 25, 2025 by Russ Scritchfield
In the ever-evolving landscape of software development, a significant effort to overhaul the C++ programming language for enhanced safety has come to an abrupt halt. The Safe C++ proposal, which sought to introduce a memory-safe subset of the language inspired by the guarantees found in newer languages like Rust, has been abandoned by its lead author. This development o...
Microsoft SharePoint hit by widespread zero-day attacks
Wednesday, July 30, 2025 by Austin Harris
The Cybersecurity and Infrastructure Security Agency (CISA) has reported active exploitation of a newly identified remote code execution (RCE) vulnerability affecting on-premise Microsoft SharePoint servers. The vulnerability, cataloged as CVE-2025-53770, is a variant of the previously known CVE-2025-49706 and presents significant risks to organizations by enabling unau...
Social engineering takeover attacks are on the rise
Thursday, April 18, 2024 by Brittany Hainzinger
OpenSSF and the OpenJS Foundation (home to JavaScript projects used by billions of websites worldwide) are alerting open-source project maintainers of social engineering takeover attacks, following new attack attempts they’ve witnessed similar to the XZ Utils incident.
The OpenJS Cross Project Council received suspicious emails, imploring OpenJS to update one o...
ONCD asks software manufacturers to adopt memory safe languages
Tuesday, March 5, 2024 by Richard Harris
The White House Office of the National Cyber Director (ONCD) has released a new report asking software manufacturers to adopt memory-safe programming languages to help reduce vulnerabilities from entering the supply chain.
"For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way. This repo...
App security training enhancements by Security Journey
Wednesday, July 19, 2023 by Austin Harris
Security Journey announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of ...
Security compliance predictions for 2022
Tuesday, January 18, 2022 by Austin Harris
Edward Tuorinsky is the Managing Principal of DTS, a Service-Disabled Veteran-Owned Small Business, that provides information technology and management consulting services in the areas of program management, governance, strategic planning, organization advancement, business process efficiency, software development, system integration, and learning enhancement solutions....
How the new US administration will effect Internet privacy
Thursday, February 2, 2017 by Austin Harris
NordVPN has observed a notable increase in inquiries immediately after the U.S. election and a stable growth of interest from Americans ever since.As the new U.S. President starts his four-year term, many wonder what will be the new policy on government surveillance of ordinary citizens. President Donald Trump, while being vague on his views concerning Internet privacy,...
