Last week, news broke that Blackberry had withheld information from its users about a serious security flaw – for months. In vulnerability disclosure terms, that’s big news. What is CVE-2021-22156? CVE-2021-22156 (known as BadAlloc) is a collection of integer overflow vulnerabilities affecting multiple real-time operating systems and supporting libraries. According to CISA, “exploitation of this… Continue reading Vulnerability disclosure is not a choice. It’s a responsibility.