Microsoft has asserted that China’s offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities.
China’s 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard vulnerability information.
A year later, researchers from the Atlantic Council found there was a decrease in reported vulnerabilities coming from China – and an increase in anonymous reports.
Source: The Register