Let's be vulnerable together π€ Join us at #VulnCon26 πhttps://go.first.org/syt8W #vulnerabilitymanagement #CVEProgram #CVSS
Share your knowledge and expertise and join us in Geneva, Switzerland for the 2026 Peak Incident Response Technical Colloquium as a speaker! π£οΈ Click to submit before March 13th! β‘οΈπ https://go.first.org/d3LmF
Are you wanting to get involved at #FIRSTCON26? Support our mission and sponsor this unique #cybersecurity community gathering with attendees from all around the world! π»ππhttps://go.first.org/MDaOF #annualconference #incidentresponse #secconf
We're releasing our 2026 Vulnerability Forecast today.
Key Projections:
πΉ Median forecast: ~59,427 CVEs in 2026
πΉ 90% confidence interval: 30,012 to 117,673
πΉ Realistic scenarios suggest 70,000-100,000 vulnerabilities are possible
What Organizations Should Do:
β
Assess capacity to handle 50,000+ CVEs
β
Prioritize based on environmental risk, not just CVSS scores
β
Build contingency plans for higher-volume scenarios
Throughout 2026, we'll publish quarterly updates with refined predictions to help the community stay ahead. Special thanks to Γireann Leverett, FIRST Liaison and Lead Member of FIRST's Vulnerability Forecasting Team, as well as, Founder and CTO of Concinnity Risks, and the vulnerability forecasting team.
π Read more: https://go.first.org/NvZWb
#cybersecurity #infosec
#ThreatIntelligence #VulnerabilityManagement
π’ FIRST Q4FY25 Highlights:
β Record Growth Announced - During the last quarter of 2025, we passed the 1,024 milestone of active members split in 825 teams, 196 Liaisons, and 3 Associates
β Time Security SIG Launched - New SIG approved to help the global community prepare for 2036-2038 epoch rollovers, connecting CSIRTs, vendors, and standards bodies
β ITU-T Standards Milestone - International standards body officially approved technical report on global coordination requirements for epoch rollover events
β DNS Abuse Guidance Published - First set of stakeholder advice based on the DNS Abuse Matrix now available, covering detection of various DNS abuse types
β CVSS Consumer Implementation Guide Released - New supplementary document helps users implement CVSS v4 to its fullest by tailoring scores to unique deployment environments
β Global Training Expansion - Delivered 9 training sessions in 7 economies, including Ghana cyberdrill with Shadowserver Foundation and Actioning Alerts and Advisories training in Brazil through FIRST CORE
β Growing Digital Presence - LinkedIn grew by 652 new followers and YouTube added 152 new subscribers, with top post highlighting our Africa Regional Liaison initiative
π Read our latest newsletter for more updates, details on upcoming events, and how you can get involved: https://go.first.org/Qvktj
Join us for the 4οΈβ£th edition of Balkan Cybersecurity Days in ShkodΓ«r, Albania from March 17-19, 2026! For more information visit β‘οΈπhttps://go.first.org/uE9uK #AKSK #DCAF #criticalinformationinfrastructure
Are you looking to share your knowledge? Come speak at #BCD2026, CFS closes Feb 10, hurry on over! πhttps://go.first.org/wQy5h #cybersecurity #AKSK #DCAF
Share your knowledge and collaborate with like-minded cybersecurity professionals at #BCD2026! Click to submit before itβs too lateππhttps://go.first.org/wQy5h #AKSK #DCAF
π΅Wrangle up and register early for #VulnCon26 cowboys and girls, sunny Arizona is waiting for you! π΅ πhttps://go.first.org/syt8W #vulnerabilitymanagement #CVEProgram #IncidentResponse
Want instant visibility at FIRSTCTI26? Sponsor the conference Lanyard, it's low cost & high impact. Support FIRSTβs mission and put your logo front and center all event long.
Contact the FIRST Events Team today! https://www.first.org/conference/firstcti26/sponsorship
You don't want to miss our inaugural Regional Symposium for Central Asia. Register and take a peek at our exceptional agenda here πβ‘οΈπ https://go.first.org/effuY #FIRSTUZ26
Are you looking to share your knowledge? Come speak at #BCD2026, CFS closes Feb 10, hurry on over! πhttps://go.first.org/wQy5h #cybersecurity #AKSK #DCAF
Share your knowledge and collaborate with like-minded cybersecurity professionals at #BCD2026! Click to submit before itβs too lateππhttps://go.first.org/wQy5h #AKSK #DCAF
Join us for the 4οΈβ£th edition of Balkan Cybersecurity Days in ShkodΓ«r, Albania from March 17-19, 2026! For more information visit β‘οΈπhttps://go.first.org/uE9uK #AKSK #DCAF #criticalinformationinfrastructure
Interested in attending the 2026 FIRST Technical Colloquium in Paris? Oh la, la, look no further πβ‘οΈπhttps://go.first.org/lxxWO #cybersecurity #technicalcolloquium
π‘οΈ In light of Data Privacy Week, SecurityBrief US by TechDay US published expert insights on data protection challenges in the AI era, featuring FIRST community leaders on incident response, vulnerability management, and system resilience.
πΉ Chris Gibson, CEO, FIRST: Emphasized the importance of trusted networks and coordinated incident response: "...No company can solve data breaches and cybersecurity in isolation. The organizations that recover fastest are the ones with trusted networks already in place, sharing threat intelligence and coordinating response before a crisis hits."
πΉ Γireann Leverett, FIRST Liaison and Lead Member of FIRST's Vulnerability Forecasting Team, as well as, Founder and CTO of Concinnity Risks: Highlighted the growing vulnerability landscape, forecasting nearly 60,000 new vulnerabilities in 2026 and the need for strategic prioritization.
πΉ Ionut Mihai Chelalau, FIRST Transportation & Mobility SIG Chair and Cybersecurity Consultant at Diconium: Addressed privacy trade-offs in today's connected ecosystem and the challenges of data protection in AI-driven services.
πΉ Trey Darley, Standards SIG and Time Security SIG Lead at FIRST and Founder at Proper Tools: Called for reducing system complexity: "The answer isn't more training or more tools, it's simpler systems that fail safely."
πΉ Hadyn Green, Principal Communications Advisor, FIRST: Stressed the importance of clear breach communication and establishing backup channels in advance.
π Read the full article: https://go.first.org/tffOm
π€ Let's help support our cowboys... we mean #cybersecurity professionals! Support #VulnCon26 today with a sponsorship and giddy up!β‘οΈπhttps://go.first.org/xt7RF #vulnerabilitymanagement #CVEProgram #IncidentResponse
Help us bring together cybersecurity professionals from across Central Asia by registering for #FIRSTUZ26 today! ππhttps://go.first.org/effuY #UZCERT #CentralAsia
FIRST's CVSS SIG has released the CVSS v4.0 Consumer Implementation Guide!
For years, vulnerability teams have wrestled with the same challenge: Base scores don't account for your actual environment.
Weβve developed a practical maturity model that helps organizations progressively layer Threat and Environmental metrics onto Base scores, moving from generalized worst-case assumptions to deployment-specific risk assessments.
Inside you'll find:
π How proper score enrichment can drop a Critical to Medium (or lower)
π‘οΈ Environmental adjustments for firewalls, IPS, and network architecture
π Maturity progression: Base scores β + Threat Intelligence β + Environmental context, with real examples showing score reductions at each level
The result? Better prioritization. Defensible decisions. More efficient allocation of resources.
Whether you're a vulnerability analyst on the front lines or a CISO explaining risk to the board, this guide provides the framework to make CVSS work harder for you.
Read the full guide: https://go.first.org/LL6gz
#cybersecurity #CVSS #infosec
#ThreatIntelligence #VulnerabilityManagement
πͺ Make a meaningful investment in the future of #cybersecurity -- Sponsor #FIRSTCTI26 today πhttps://go.first.org/JnbvX #cyberthreatintelligence #munich2026 @threatintel
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst