NIS2 introduces a 24-hour reporting obligation for cyberattacks, requiring organizations to comply with significantly faster incident reporting requirements.
Malicious npm packages can overwrite Claude Code’s configuration file, steal OAuth tokens from the network, and use them to access all connected enterprise services while audit logs show clean Anthropic IP addresses.
The HTTP/2 Bomb combines metadata amplification with Slowloris tactics to enable massive DoS attacks without threshold limitations, as the protocol specification insufficiently controls memory.
The NIST backlog results from strategic deficits and duplicate structures with CISA, with both agencies operating parallel vulnerability enrichment programs since May 2024 and wasting approximately $200,000 in funds.