Direct Links | Infosec News Feeds
The San Francisco Beat
SFInfoSec aggregates the latest news, podcasts and books covering Cyber Security, Hacking, Infosec, Online Privacy, Cryptography, Threat Research and Vulnerability Disclosures from all the leading sources.
Threatpost The First Stop For Security News
- Student Loan Breach Exposes 2.5M Records
by Nate Nelson on August 31, 2022 at 12:57 pm2.5 million people were affected, in a breach that could spell more trouble […]
- Watering Hole Attacks Push ScanBox Keylogger
by Nate Nelson on August 30, 2022 at 4:00 pmResearchers uncover a watering hole attack likely carried out by APT TA423, […]
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
by Nate Nelson on August 29, 2022 at 2:56 pmOver 130 companies tangled in sprawling phishing campaign that spoofed a […]
Krebs on Security In-depth security news and investigation
- Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
by BrianKrebs on June 1, 2026 at 5:32 pmThe Instagram accounts for the Obama White House and the Chief Master Sergeant […]
- Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
by BrianKrebs on May 25, 2026 at 1:21 pmAuthorities in the Netherlands have arrested the co-owners of two related […]
- Lawmakers Demand Answers as CISA Tries to Contain Data Leak
by BrianKrebs on May 22, 2026 at 4:34 pmLawmakers in both houses of Congress are demanding answers from the U.S. […]
darkreading Public RSS feed
- Name That Toon Contest
.png?width=1280&auto=webp&quality=80&disable=upscale "Name That Toon Contest")
on June 26, 2026 at 11:00 am - Exposed Fuel Tank Gauges Under Attack…
by Nate Nelson on June 5, 2026 at 7:04 pmThreat actors are taking advantage of Internet-exposed tank gauges by breaching […]
- Adaptive, Agentic AI Worms Loom as Next…
by Robert Lemos on June 5, 2026 at 2:40 pmAI worms, or “viruses with wings and brains,” adapt to new environments, seek […]
Blog RSS Feed Fortra Blog
- 3 Years In: How Is AI Doing? SANS Weighs In
by Katrina Thompson on December 15, 2025 at 8:09 amIt’s no secret that AI is “here.” It’s been here for three years now, […]
- What Is Log Management and Why you Need itby Anirudh Chand on November 24, 2025 at 6:00 am
It is arguable that log management forms the basis of modern cybersecurity. […]
- What Did We Learn from the NCSC’s 2025 Annual Review?by Josh Breaker-Rolfe on November 21, 2025 at 11:47 am
Earlier this year, the UK’s National Cyber Security Centre (NCSC) released […]
Security Latest Channel Description
- Crypto-Funded Chinese Peptide Labs Are Booming
by Andy Greenberg, Dell Cameron, Dhruv Mehrotra, Maddy Varner on June 6, 2026 at 10:30 amPlus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps […]
- Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of…
by Dhruv Mehrotra, Dell Cameron on June 4, 2026 at 5:28 pmCode reviewed by WIRED uncovered an unreleased face-recognition system embedded […]
- xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity
by Matt Burgess on June 3, 2026 at 6:49 pmFour people suing Elon Musk’s AI firm under pseudonyms due to the risks of […]
- AI Wormby Bruce Schneier on June 5, 2026 at 1:21 pm
Researchers have prototyped an AI-powered internet worm. The coolest thing […]
- Hacking Meta’s AI Chatbotby Bruce Schneier on June 4, 2026 at 11:04 am
Hackers are convincing Meta’s AI support chatbot to let them take over other […]
- AI Used to Decrypt Medieval Ciphersby Bruce Schneier on June 3, 2026 at 11:04 am
Researchers are using machine learning algorithms to decrypt historical […]
BleepingComputer BleepingComputer – All Stories
- Suspicious Polyfill login prompts pop up on Toshiba, Muji websitesby Bill Toulas on June 5, 2026 at 9:54 pm
Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious […]
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash serversby Sergiu Gatlan on June 5, 2026 at 7:15 pm
CISA warned today that hackers are now actively exploiting a recently patched […]
- Chinese APT deploys new malware to keep access to hacked networksby Bill Toulas on June 5, 2026 at 6:09 pm
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 […]
TechCrunch Startup and Technology News
- Reid Hoffman is leaving Microsoft’s board to go ‘founder mode’ with…by Julie Bort on June 5, 2026 at 10:35 pm
After a very profitable decade on Microsoft’s board, Reid Hoffman is stepping […]
- Founders share VC horror stories, and some are naming namesby Julie Bort on June 5, 2026 at 9:47 pm
A massive viral conversation sharing VC horror stories has taken place this […]
- Former cyber executive turned whistleblower accuses IBM of covering up several…by Lorenzo Franceschi-Bicchierai on June 5, 2026 at 8:31 pm
IBM and two of its subsidiary companies were allegedly breached during the […]
The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
by [email protected] (The Hacker News) on June 6, 2026 at 8:29 amA researcher has reverse-engineered the iOS SDK that Bright Data embeds in […]
- CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
by [email protected] (The Hacker News) on June 6, 2026 at 8:14 amThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a […]
- AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
by [email protected] (The Hacker News) on June 6, 2026 at 7:28 amTwo things landed within days of each other this week. A security startup […]
The DFIR Report Actionable Cyber Threat Intelligence
- Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomwareby editor on May 11, 2026 at 2:05 pm
The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In March 2026, a Windows variant campaign was reported by Atos, with their investigation showing evidence of activity going back to the previous December. In April, we The post Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware appeared first on The DFIR Report.
- Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvestingby editor on April 22, 2026 at 2:51 pm
Key Takeaways We identified an exposed server that provided unusual visibility into a large-scale, multi-victim exploitation and collection operation. Artifacts on the host showed that Claude Code and OpenClaw were embedded in the operator’s day-to-day workflow, supporting troubleshooting, orchestration, and refinement of the collection pipeline. This AI-assisted workflow resulted in the modular platform Bissa scanner The post Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting appeared first on The DFIR Report.
- Apache ActiveMQ Exploit Leads to LockBit Ransomwareby editor on February 23, 2026 at 2:09 pm
Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon. This intrusion began in mid-February 2024 after a threat actor exploited a vulnerability (CVE-2023-46604) on an exposed Apache ActiveMQ server. The threat actor was able to perform remote code execution (RCE) by using a Java Spring class and a custom Java Spring The post Apache ActiveMQ Exploit Leads to LockBit Ransomware appeared first on The DFIR Report.
Biz & IT – Ars Technica Serving the Technologist since 1998. News, reviews, and analysis.
- How a USB-connected speaker can infect a PC without ever being touched
by Dan Goodin on June 5, 2026 at 9:00 pmSeller of the Sound Blaster Katana V2X doesn’t consider the behavior a […]
- Dashlane explains how attackers managed to download encrypted password vaults
by Dan Goodin on June 4, 2026 at 8:02 pmBy targeting large numbers of users, attackers increased their chances of […]
- Can’t make sense of Dashlane’s vault theft notification? You’re not alone.
by Dan Goodin on June 3, 2026 at 7:53 pmSecurity advisory leaves out key details. Dashlane maintains complete silence.
Websec Cybersecurity Blog Expert insights, trends, research findings, and best practices from Websec security team to help you strengthen your organization’s security posture.
- A Comparison Between the Real User ID and the Effective User ID is not Enough to Prevent Privilege Escalationby Websec Security Team on October 3, 2023 at 7:39 pm
In Unix-like systems, processes have a real and effective user ID determining their access permissions. While usually identical, they can differ in situations like when the setuid bit is activated in executables.
- Websec DevSecOps Webinarby Websec Security Team on August 29, 2022 at 12:00 am
Roberto Salgado and Kobalt.io’s Miki Fukushima are hosting a free webinar on September 20, 2022 covering why application security matters, the shift to developer-first security, and a practical roadmap for embedding security into DevSecOps.
- CVE-2022-21404: Another story of developers fixing vulnerabilities unknowingly because of CodeQLby Websec Security Team on May 19, 2022 at 6:18 pm
How CodeQL may help reduce false negatives within Open-Source projects. Taking a look into a deserialization vulnerability within Oracle Helidon (CVE-2022-21404).