Stay up to date
Here, you'll find updates, articles about our culture, case studies, and much more!
Over 1 Million Notifications
Aug 1, 2024 - While the existence of a vulnerability is not something to celebrate, thanks to the hard work of skilled volunteers working for DIVD, we have been able to notify vulnerable …
case
Mendix applications: unintended data exposure due to authorization misconfiguration
We have identified a recurring security issue across multiple Mendix applications where data sources (entities/tables) are accessible to anonymous users or to newly registered users with …
case
OPERATION ENDGAME PART 3
We are notifying victims of the Rhadamanthys infostealer. Since the datasets contain information on a very large number of individuals, we will not be sending individual notifications. …
case
OPERATION ENDGAME 2.0
DIVD is notifying victims of the Latrodectus infostealer, the evolution of IcedID. We are notifying victims that were identified as a part of Operation Endgame 2.0. If you receive a …
news
Critical vulnerabilities found in procurement platform used by U.S. public sector
One of our researchers has identified three critical vulnerabilities in the SicommNet BASEC e-procurement system, primarily used by U.S. public sector agencies. These vulnerabilities allow …
news
DIVD speelt belangrijke rol in digitale veiligheid energiesector door unieke positie
Het Dutch Institute for Vulnerability Disclosure (DIVD) start met trots het project ‘Coordinated Vulnerability Disclosure (CVD) in de energiesector’. Met dit initiatief zet DIVD een nieuwe …
news
Press release: Research unveils 17 new zero-days in EV Chargers
Jan 09, 2025 - In our most recent research into the security of EV chargers, 17 new vulnerabilities (zero days) were discovered in chargers manufactured by iocharger. These vulnerabilities …