Direct Links | Infosec News Feeds
The San Francisco Beat
SFInfoSec aggregates the latest news, podcasts and books covering Cyber Security, Hacking, Infosec, Online Privacy, Cryptography, Threat Research and Vulnerability Disclosures from all the leading sources.
Threatpost The First Stop For Security News
- Student Loan Breach Exposes 2.5M Recordsby Nate Nelson on August 31, 2022 at 12:57 pm
2.5 million people were affected, in a breach that could spell more trouble […]
- Watering Hole Attacks Push ScanBox Keyloggerby Nate Nelson on August 30, 2022 at 4:00 pm
Researchers uncover a watering hole attack likely carried out by APT TA423, […]
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firmsby Nate Nelson on August 29, 2022 at 2:56 pm
Over 130 companies tangled in sprawling phishing campaign that spoofed a […]
Krebs on Security In-depth security news and investigation
- Senator Chides FBI for Weak Advice on Mobile Securityby BrianKrebs on June 30, 2025 at 5:33 pm
Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill […]
- Inside a Dark Adtech Empire Fed by Fake CAPTCHAsby BrianKrebs on June 12, 2025 at 10:14 pm
Late last year, security researchers made a startling discovery: Kremlin-backed […]
- Patch Tuesday, June 2025 Editionby BrianKrebs on June 11, 2025 at 12:10 am
Microsoft today released security updates to fix at least 67 vulnerabilities in […]
darkreading Public RSS feed
- Qantas Airlines Breached, Impacting 6M…by Nate Nelson, Contributing Writer on July 2, 2025 at 11:00 pm
Passengers’ personal information was likely accessed via a third-party platform […]
- Initial Access Broker Self-Patches Zero…by Jai Vijayan, Contributing Writer on July 2, 2025 at 9:21 pm
A likely China-nexus threat actor has been exploiting unpatched Ivanti […]
- US Treasury Sanctions BPH Provider Aeza…by Kristina Beek on July 2, 2025 at 9:12 pm
In the past, the bulletproof group has been affiliated with many well-known […]
Blog RSS Feed Fortra Blog
- OT Security in Ports: Lessons from the Coast Guard’s Latest Warningby Kirsten Doyle on July 3, 2025 at 8:27 am
The cranes that move goods in and out of America’s busiest ports (some of the […]
- 5 Critical Security Risks Facing COBOL Mainframesby Gilad David Maayan on July 1, 2025 at 10:25 am
COBOL remains deeply embedded in the infrastructure of global enterprises, […]
- Essential Features to Look for in a VM Solutionby Katrina Thompson on June 30, 2025 at 7:43 am
Why Choosing the Right VM Tool Matters Your vulnerability management solution […]
Security Latest Channel Description
- The Promise and Peril of Digital Security in the Age of Dictatorshipby Carmen Valeria Escobar on July 3, 2025 at 9:30 am
LGBTIQ+ organizations in El Salvador are using technology to protect themselves […]
- A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of…by Matt Burgess, Lily Hay Newman on July 2, 2025 at 5:56 pm
The Scattered Spider hacking group has caused chaos among retailers, insurers, […]
- Identities of More Than 80 Americans Stolen for North Korean IT Worker Scamsby Andy Greenberg on June 30, 2025 at 8:00 pm
The US Justice Department revealed the identity theft number along with one […]
- Ubuntu Disables Spectre/Meltdown Protectionsby Bruce Schneier on July 2, 2025 at 11:02 am
A whole class of speculative execution attacks against CPUs were published in […]
- Iranian Blackout Affected Misinformation Campaignsby Bruce Schneier on July 1, 2025 at 11:07 am
Dozens of accounts on X that promoted Scottish independence went dark during an […]
- How Cybersecurity Fears Affect Confidence in Voting Systemsby Bruce Schneier on June 30, 2025 at 11:05 am
American democracy runs on trust, and that trust is cracking. Nearly half of […]
Graham Cluley Cybersecurity and AI keynote speaker
- Smashing Security podcast #424: Surveillance, spyware, and self-driving snafusby Graham Cluley on July 2, 2025 at 11:03 pm
A Mexican drug cartel spies on the FBI using traffic cameras and spyware — […]
- Swiss government warns attackers have stolen sensitive data, after ransomware…by Graham Cluley on July 2, 2025 at 3:31 pm
The Swiss government has issued a warning after a third-party service provider […]
- The AI Fix #57: AI is the best hacker in the USA, and self-learning AIby Graham Cluley on July 1, 2025 at 2:05 pm
In episode 57 of The AI Fix, our hosts discover an AI “dream recorder”, […]
BleepingComputer BleepingComputer – All Stories
- Microsoft asks users to ignore Windows Firewall config errorsby Sergiu Gatlan on July 3, 2025 at 10:02 am
Microsoft asked customers this week to disregard incorrect Windows Firewall […]
- NimDoor crypto-theft macOS malware revives itself when killedby Bill Toulas on July 2, 2025 at 7:36 pm
North Korean state-backed hackers have been using a new family of macOS […]
- DOJ investigates ex-ransomware negotiator over extortion kickbacksby Lawrence Abrams on July 2, 2025 at 7:14 pm
An ex-ransomware negotiator is under criminal investigation by the Department […]
TechCrunch Startup and Technology News
- AI job predictions become corporate America’s newest competitive sportby Connie Loizos on July 3, 2025 at 5:30 am
In late May, Anthropic CEO Dario Amodei appeared to kick open the door on a […]
- French B2B neobank Qonto reaches 600,000 customers, files for banking licenseby Anna Heim on July 3, 2025 at 4:00 am
Qonto, which targets European freelancers and SMBs, currently operates with a […]
- OpenAI condemns Robinhood’s ‘OpenAI tokens’by Maxwell Zeff on July 2, 2025 at 11:43 pm
OpenAI wants to make clear that Robinhood’s sale of “OpenAI tokens” will not […]
The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- Critical Cisco Vulnerability in Unified CM Grants Root Access via Static…by [email protected] (The Hacker News) on July 3, 2025 at 4:24 am
Cisco has released security updates to address a maximum-severity security flaw […]
- North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in…by [email protected] (The Hacker News) on July 2, 2025 at 5:09 pm
Threat actors with ties to North Korea have been observed targeting Web3 and […]
- That Network Traffic Looks Legit, But it Could be Hiding a Serious Threatby [email protected] (The Hacker News) on July 2, 2025 at 11:00 am
With nearly 80% of cyber threats now mimicking legitimate user behavior, how […]
The DFIR Report Real Intrusions by Real Attackers, The Truth Behind the Intrusion
- Hide Your RDP: Password Spray Leads to RansomHub Deploymentby editor on June 30, 2025 at 12:20 am
Key Takeaways Case Summary This intrusion began in November 2024 with a password spray attack targeting an internet-facing RDP server. Over the course of several hours, the threat actor attempted … Read More
- Another Confluence Bites the Dust: Falling to ELPACO-team Ransomwareby editor on May 19, 2025 at 12:05 am
Key Takeaways The DFIR Report Services Table of Contents: Case Summary In late June 2024, an unpatched Confluence server was compromised via CVE-2023-22527, a template injection vulnerability, first from IP … Read More
- Navigating Through The Fogby editor on April 28, 2025 at 12:03 am
Key Takeaways An open directory associated with a ransomware affiliate, likely linked to the Fog ransomware group, was discovered in December 2024. It contained tools and scripts for reconnaissance, exploitation, lateral movement, and persistence…
The Daily Swig | Cybersecurity news and views Keeping you up to date with the latest cybersecurity news from around the world.
- We’re going teetotal: It’s goodbye to The Daily Swigon March 2, 2023 at 2:05 pm
PortSwigger today announces that The Daily Swig is closing down
- Bug Bounty Radar // The latest bug bounty programs for March 2023on February 28, 2023 at 7:15 pm
New web targets for the discerning hacker
- Indian transport ministry flaws potentially allowed creation of counterfeit driving licenseson February 28, 2023 at 2:15 pm
Armed with personal data fragments, a researcher could also access 185 million citizens’ PII
- Password managers: A rough guide to enterprise secret platformson February 27, 2023 at 3:30 pm
The second part of our password manager series looks at business-grade tech to handle API tokens, login credentials, and more
Biz & IT – Ars Technica Serving the Technologist since 1998. News, reviews, and analysis.
- AT&T rolls out Wireless Account Lock protection to curb the SIM-swap scourgeby Dan Goodin on July 2, 2025 at 7:28 pm
Move is aimed at curbing a form of abuse that costs subscribers dearly.
- Drug cartel hacked FBI official’s phone to track and kill informants, report…by Dan Goodin on June 30, 2025 at 7:57 pm
Official was connected to FBI probe of cartel kingpin Joaquín “El Chapo” […]
- Actively exploited vulnerability gives extraordinary control over server fleetsby Dan Goodin on June 26, 2025 at 10:52 pm
AMI MegaRAC used in servers from AMD, ARM, Fujitsu, Gigabyte, and Qualcomm.