When a software vulnerability is discovered, especially by a nation state or government agency, that agency might choose to sit on that discovery, secretly hanging on to their findings in case the vulnerability can be used, secret weapon-style, at a convenient time of their choosing. But a new research paper recently examined how often vulnerabilities are independently discovered by researchers and found that time is not always on the side of whoever got there first.

Read full news article on Naked Security