Posted by msmash from Slashdot
From the sigh-of-relief department: CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. From a report: "The CVE Program is invaluable to cyber community and a priority of CISA," the U.S. cybersecurity agency told BleepingComputer. "Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners' and stakeholders' patience."
The announcement follows a warning from MITRE Vice President Yosry Barsoum that government funding for the CVE and CWE programs was set to expire today, April 16, potentially leading to widespread disruption across the cybersecurity industry. "If a break in service were to occur, we anticipate multiple impacts to CVE, including deterioration of national vulnerability databases and advisories, tool vendors, incident response operations, and all manner of critical infrastructure," Barsoum said.
Posted by msmash from Slashdot
From the closer-look department: More than half of the top privately held AI companies based in the U.S. have at least one immigrant founder, according to an analysis from the Institute for Progress. From the report: The IFP analysis of the top AI-related startups in the Forbes AI 2025 list found that 25 -- or 60% -- of the 42 companies based in the U.S. were founded or co-founded by immigrants. The founders of those companies "hail from 25 countries, with India leading (nine founders), followed by China (eight founders) and then France (three founders). Australia, the U.K., Canada, Israel, Romania, and Chile all have two founders each."
Among them is OpenAI -- whose co-founders include Elon Musk, born in South Africa, and Ilya Sutskever, born in Russia -- and Databricks, whose co-founders were born in Iran, Romania and China. The analysis echoes previous findings about the key role foreign-born scientists and engineers have played in the U.S. tech industry and the broader economy.
Posted by BeauHD from Slashdot
From the uncertain-future department: The CVE and CWE programs are at risk of shutdown as MITRE's DHS contract expires on April 16, 2025, with no confirmed renewal. Without continued funding, the ability to standardize, track, and respond to software vulnerabilities could collapse, leaving the cybersecurity community scrambling in a fragmented and dangerously opaque environment. Forbes reports: "Failure to renew MITRE's contract for the CVE program, seemingly set to expire on April 16, 2025, risks significant disruption," said Jason Soroko, Senior Fellow at Sectigo. "A service break would likely degrade national vulnerability databases and advisories. This lapse could negatively affect tool vendors, incident response operations, and critical infrastructure broadly. MITRE emphasizes its continued commitment but warns of these potential impacts if the contracting pathway is not maintained."
MITRE has indicated that historical CVE records will remain accessible via GitHub, but without continued funding, the operational side of the program -- including assignment of new CVEs -- will effectively go dark. That's not a minor inconvenience. It could upend how the global cybersecurity community identifies, communicates, and responds to new threats. [...] MITRE has said that discussions with the U.S. government are active and that it remains committed to the CVE mission. But with the expiration date looming, time is running short -- and the consequences of even a temporary gap are severe.
Posted by BeauHD from Slashdot
From the what-will-they-think-of-next department: Limited Run Games is releasing physical editions of Doom and Doom II, including a $666 "Will it Run Edition" that features a literal game box capable of playing Doom. Engadget reports: It costs $666, which is a nod to the devilish source material, and is being kept to a limited run of 666 copies. It comes with the aforementioned screen-enabled game box that runs Doom, but that's just the beginning. The combo pack ships with the soundtrack on cassette, a certificate of authenticity and a trading card park with five cards.
It comes with a couple of toys based on one of the franchise's most iconic enemies. There's a detailed three-inch Cacodemon that connects to a five-inch base, which looks pretty nifty. There's a smaller handheld Cacodemon that, you'll never guess, also runs Doom. This edition is available for Switch, PS5, Xbox Series X/S and PC. The PC version, however, ships with a download code and not physical copies of both games. Preorders start on April 18 and end on May 18, with a release sometime after that.