Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable to threat actors. Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world's most widely used software vulnerability database. Tom Pace, CEO of firmware security provider NetRise, told Infosecurity that only 200 out of the 2700 vulnerabilities, known as C...