The Cyberspace Administration of China (CAC) has issued new vulnerability disclosure regulations. The new rules aim to standardize the discovery, reporting, repair, and release of security vulnerabilities and prevent security risks. The rules also forbid vulnerabilities from being disclosed to “overseas organizations or individuals” other than the products’ manufacturers. It also prohibits the publication of programs and tools to exploit vulnerabilities and put networks at a security risk. The regulations are expected to go into effect starting September 1, 2021.
Source: https://thehackernews.com/2021/07/chinas-new-law-requires-researchers-to.html