Mark your calendars for DEF CON 33!
Taking place in Las Vegas from August 7–10, 2025, this is one of the world’s largest and most respected hacker conventions.
This year’s event includes dedicated sessions, workshops, and CTFs centered around memory corruption, exploit mitigations, and secure systems engineering:
Join the next Kawaiicon, New Zealand’s premier hacker conference, happening November 6–8, 2025 in Wellington. This year’s edition dives deep into modern exploit techniques, particularly automated memory corruption attacks and emerging mitigation strategies in native languages and runtimes.
Why it matters for SoS‑VO:
The Open Source Security Foundation (OpenSSF) has released The Memory Safety Continuum, a practical framework that helps developers, organizations, and security teams assess and improve their memory safety posture. Unveiled on April 28, 2025, the document positions memory safety not as a binary goal but as an evolving journey—enabling teams to advance their practices in phases through language adoption, mitigation, and testing.
The Continuum guides readers through four core states:
The NSA and CISA have jointly issued a Cybersecurity Information Sheet (CSI), titled Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development, published on June 24, 2025. The guidance emphasizes that memory safety is "critical to a holistic approach to software security", and that using memory-safe languages (MSLs) can significantly lower the risk of memory-based exploits such as buffer overflows, use-after-free, and data races.
Since 2022, the university has offered classes centered around machine learning and artificial intelligence, reflecting the growing importance of these technologies across multiple industries. The program represents WSU Tri-Cities' commitment to providing cutting-edge education that matches current market demands and technological trends.
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.
As Bostonians prepare to travel during the summer, the Transportation Security Administration is issuing warnings about cybersecurity threats to consider. In a social media post, TSA cautioned travelers about charging their devices using the USB ports found throughout airports. Hackers can install malware on the ports, infecting your devices once connected, also known as juice/port jacking.
"I always thought it was safe, to be able to use that in the airport," said one traveler at Logan airport.
We're excited to announce the launch of the Automated Rapid Certification Of Software (ARCOS) Tool Portal — a new DARPA-supported virtual resource for the research and development and certification communities.
The ARCOS Tool Portal provides open access to simulators, verification tools, and tool suites that enable high-quality software assurance evidence generation and evaluation.
DARPA’s Information Innovation Office (I2O) invites you to the Resilient Software Systems Colloquium, an in-person event focused on addressing a growing national security imperative: securing the software that powers today’s critical systems.