Vulnerability feed

News & Events

Visit here for the latest news about Vulnerable Things and to easily share information.

Media Latest
Internet Security

IoTSF YouTube: A short video prepared by the Internet of Things Security Foundation explaining the service for security researchers and consumer IoT manufacturers.


US Congress: The United States Congress has passed its first national IoT cybersecurity law. Aimed at IoT procured by government agencies, they will be required to report and disclose information about IoT vulnerabilities. Still to come is their published guidelines on vulnerability disclosure for the agencies.

OXIL Youtube: View our animated quick guides to new legislative proposals - Software updates, Universal Default Passwords, and Vulnerability Disclosure in Consumer IoT. Animations by Patrick Taylor at Oxford Information Labs.


IoTSF Website: The IoTSF’s most recent study into coordinated vulnerability disclosure explores how widely vulnerability disclosure is practiced in the consumer IoT product domain and offers important insights into the adoption of best practice worldwide. Download it here


Vulnerability Disclosure and its importance to the long-term success of consumer IoT businesses will be a theme of this year’s IoT Security Foundation’s Virtual Conference, 1-4 December. Without mechanisms to report, manage and resolve vulnerabilities, the security of IoT products diminishes over time. Research by the IoTSF has found that 87% of consumer IoT companies don’t have a vulnerability disclosure policy. VulnerableThings has been developed to help IoT vendors set-up and maintain best practice in vulnerability disclosure. Take a look around our site.

Quick Guides

IoTSF Website: DOWNLOAD NOW - Free Quick Guide to help you manage vulnerability reports.


Twitter: Matt Warman, Minister Minister for Digital Infrastructure announces @OxfordInfoLabs and @IoTSF Expert Guidance - ‘an important tool to help manufacturers boost the security of #smartproducts’


BBC World News: Emily Taylor discusses with BBC World News a series of cyber attacks affecting Australian targets, geopolitical causes for state-sponsored attacks, and the need for coordinated vulnerability disclosure.