"The European Union's Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours of exploitation could potentially expose organizations to attacks from adversaries or government surveillance."
@skip The problem is that it doesn't stipulate the requirement for #CCSS vendors to fix their trash in a timely manner, cuz unlike #FLOSS which doesn't have the €€€€€€€ to do so often, they have exclusive control over the source code.