The Department of Homeland Security has released an updated list of errors that may cause significant vulnerabilities in software.
The Common Weakness Enumeration list features 25 errors that frequently occur and may critically affect software, DHS said Tuesday.
The Homeland Security Systems Engineering and Development Institute updated CEW after eight years of the list remaining unchanged. DHS’ Science and Technology Directorate and nonprofit company Mitre manage HSSEDI.
The updated list recognizes “improper restriction of operations within the bounds of a memory buffer” as the new top error that threatens a software’s resiliency.
“Eliminating weaknesses prior to software entering the marketplace is an important step in reducing the attack surface which better protects everybody, anywhere in the world,†said Chris Levendis, CWE project leader.
Related Articles
Team Atlanta has claimed the top spot in the Defense Advanced Research Projects Agency’s AI Cyber Challenge, or AIxCC, securing $4 million in prize money for its artificial intelligence-driven cyber reasoning system. The team, including experts from Georgia Tech, Samsung Research and the Korea Advanced Institute of Science & Technology, outperformed six other finalists in the two-year competition aimed at creating AI systems capable of autonomously detecting and patching vulnerabilities of open-source software, particularly those used in critical infrastructure, including financial systems, public utilities and the health care ecosystem, DARPA said. The agency partnered with AI industry leaders Anthropic, Google,
The Federal Communications Commission has appointed Andy Hendrickson as the chief of its Office of Engineering and Technology. Hendrickson is transitioning from his former post of chief technology officer at the FCC’s Enforcement Bureau, the commission said Thursday. As OET head, Hendrickson will serve as FCC’s principal technical adviser on spectrum policy, equipment authorization and keeping regulatory standards apace with the rapid changes in the communications sector, FCC noted. According to his LinkedIn profile, Hendrickson joined the FCC Enforcement Bureau as CTO in October 2024, taking the task of guiding field operations. In his previous role, he also provided the
President Donald Trump has issued an executive order aimed at overhauling the federal government’s grantmaking process. New EO to Prevent Tax Dollars Wastage According to the president Thursday, the new EO aims to end “offensive waste of tax dollars” by establishing a new review process to determine whether grants prioritize national interest. Under the presidential directive, each federal agency will have a senior political appointee tasked with evaluating every funding opportunity announcement and grant award to ensure it will benefit Americans and align with agency priorities. The EO permits the termination of grants that are not consistent with agency priorities, national