Global Updates: Community Rebuilding in Pakistan and Critical Cybersecurity Program Funding at Risk

Rebuilding Khyber District: A Community-Led Approach

Pakistan’s Khyber District, bordering Afghanistan, has faced significant challenges due to conflict, displacement, and poverty. Recognizing that older people and persons with disabilities (PWDs) are often disproportionately affected and excluded, HelpAge International’s Pakistan office, alongside the Sarhad Rural Support Programme (SRSP) and funded by Germany's BMZ via HelpAge Deutschland, initiated a project across 65 villages.

The core idea was that these often-marginalized groups are vital for building peaceful, inclusive societies. The project focused on:

This partnership successfully demonstrated how empowering vulnerable groups can foster community resilience and rebuild social fabric.

Global Cybersecurity Braces for Impact as CVE Funding Expires

A critical component of global cybersecurity, the Common Vulnerabilities and Exposures (CVE) program, faces an uncertain future. Operated by the non-profit MITRE under contract with the US Department of Homeland Security (DHS), the program's funding expired on April 16, 2025, without immediate renewal confirmed.

The CVE program assigns unique IDs (e.g., CVE-2014-0160 for Heartbleed) to specific software vulnerabilities. This standardization is essential for security researchers, software vendors, IT departments, and government agencies worldwide to effectively identify, prioritize, and remediate security flaws. Over 40,000 CVEs were published last year alone. The related Common Weakness Enumeration (CWE) program, which categorizes types of software weaknesses, is also impacted.

Experts express grave concerns. MITRE warned of potential \"deterioration of national vulnerability databases and advisories, tool vendors, incident response operations, and all manner of critical infrastructure.\" Katie Moussouris, founder of Luta Security, stated, \"CVE is a cornerstone of cybersecurity, and any gaps... will put our critical infrastructure and national security at unacceptable risk.\" Others noted the potential for confusion, duplication of effort, and delays in addressing threats if the centralized system falters. While MITRE remains committed, the lack of funding puts the program's operations, including assigning new CVEs, in jeopardy.

What was the goal of the Khyber District project?

The primary goal was to rebuild the conflict-affected community by empowering older people and persons with disabilities, fostering peace, promoting inclusion, and enhancing community resilience through a community-led approach.

What is the CVE program and why is it important?

CVE stands for Common Vulnerabilities and Exposures. It's a global standard for identifying and naming cybersecurity vulnerabilities. It ensures everyone uses the same name for a specific flaw, which is crucial for coordinating patches and defenses effectively.

Why did the CVE program's funding expire?

The contract between the US Department of Homeland Security (DHS) and MITRE, the organization operating the CVE program, expired on April 16, 2025. Reports suggest this is linked to broader government budget reviews, and a renewal was not finalized before the expiration date.

What are the potential consequences if CVE funding isn't restored?

Experts predict significant disruption, including confusion in tracking vulnerabilities, delays in patching critical flaws, difficulties for security tools and operations, and increased risk to national and international cybersecurity.

How vital are community-led initiatives like the one in Khyber for sustainable post-conflict recovery? What measures do you think should be implemented to ensure the long-term stability of critical global resources like the CVE program?

*Share this article with others who need to stay ahead of these global developments!*