Direct Links | Infosec News Feeds
The San Francisco Beat
SFInfoSec aggregates the latest news, podcasts and books covering Cyber Security, Hacking, Infosec, Online Privacy, Cryptography, Threat Research and Vulnerability Disclosures from all the leading sources.
Threatpost The First Stop For Security News
- Student Loan Breach Exposes 2.5M Records
by Nate Nelson on August 31, 2022 at 12:57 pm2.5 million people were affected, in a breach that could spell more trouble […]
- Watering Hole Attacks Push ScanBox Keylogger
by Nate Nelson on August 30, 2022 at 4:00 pmResearchers uncover a watering hole attack likely carried out by APT TA423, […]
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
by Nate Nelson on August 29, 2022 at 2:56 pmOver 130 companies tangled in sprawling phishing campaign that spoofed a […]
Krebs on Security In-depth security news and investigation
- ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
by BrianKrebs on June 18, 2026 at 5:37 pmFor the past four years, a sprawling Android-based botnet called Popa has […]
- Who Runs the Ransomware Group ‘The Gentlemen?’
by BrianKrebs on June 10, 2026 at 2:03 pmA cybercrime group known as The Gentlemen has emerged as the second most active […]
- A Record-Breaking Patch Tuesday for June 2026
by BrianKrebs on June 9, 2026 at 10:07 pmMicrosoft today released software updates to plug nearly 200 security holes […]
darkreading Public RSS feed
- SocGholish Takedown Highlights…
by Rob Wright on June 23, 2026 at 1:51 pmSocGholish uses traffic distribution systems (TDSs) to provide initial access […]
- FortiBleed Attackers Turn Firewalls…
by Elizabeth Montalbano on June 23, 2026 at 12:34 pmThe threat actors engineered a Golang-based sniffer to target 430,000 FortiGate […]
- DifyTap Bugs Let Attackers ‘Wiretap’ AI…
by Alexander Culafi on June 22, 2026 at 9:14 pmFour vulnerabilities allow attackers to exploit Dify, a platform for AI […]
Blog RSS Feed Fortra Blog
- 3 Years In: How Is AI Doing? SANS Weighs Inby Katrina Thompson on December 15, 2025 at 8:09 am
It’s no secret that AI is “here.” It’s been here for three years now, […]
- What Is Log Management and Why you Need itby Anirudh Chand on November 24, 2025 at 6:00 am
It is arguable that log management forms the basis of modern cybersecurity. […]
- What Did We Learn from the NCSC’s 2025 Annual Review?by Josh Breaker-Rolfe on November 21, 2025 at 11:47 am
Earlier this year, the UK’s National Cyber Security Centre (NCSC) released […]
Security Latest Channel Description
- OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on…
by Lily Hay Newman on June 22, 2026 at 5:00 pmAmid concerns about AI models’ cybersecurity capabilities, OpenAI revealed an […]
- World Cup Scams Are Getting Harder to Spotby Jumana Naim on June 22, 2026 at 9:30 am
From fake tickets to cloned websites, AI is magnifying World Cup scams. Can […]
- A Critical Deadline Is Approaching for Windows and Linux Security
by Dan Goodin, Ars Technica on June 21, 2026 at 9:00 amThe cryptographic keys that secure your computer’s boot sequence will start […]
- Anthropic’s Fable 5 Model Jailbroken Within Daysby Bruce Schneier on June 23, 2026 at 11:03 am
Fable 5 is the supposed safe version of Anthropic’s Mythos Preview, with […]
- Professional Athletes and Wearablesby Bruce Schneier on June 22, 2026 at 11:02 am
I haven’t thought about the privacy issues surrounding professional athletes […]
- Friday Squid Blogging: Victims of Unregulated Squid Fishingby Bruce Schneier on June 19, 2026 at 9:03 pm
Dolphins, sharks, turtles, and human workers are all victims of unregulated […]
GRAHAM CLULEY Cybersecurity keynote speaker
- Hacker hijacks Brazil’s national alert system, sending “misanthropy” to…by Graham Cluley on June 23, 2026 at 12:16 pm
Emergency alert systems work because people believe them. Every time one of […]
- Apple’s Hide My Email tweak leaves privacy fans fumingby Graham Cluley on June 19, 2026 at 3:47 pm
Apple has long marketed itself as the privacy-first tech giant. So why is it […]
- Imposter scams cost Americans $3.5 billion in 2025 – and it’s getting worseby Graham Cluley on June 19, 2026 at 1:51 pm
Someone is pretending to be your bank, your government, or your local planning […]
Cyber Defense Magazine InfoSec Knowledge is Power
- Inside The Rising Cyber Risk To Insurers: Why Insurance Companies Are Now Prime…
by News team on June 23, 2026 at 1:00 pmInsurers sit at a rare intersection: they hold healthcare-grade sensitive data, […]
- Supply Chain Compromise: Nintendo Vendor Breach Exposes Internal Data
by Stevin on June 23, 2026 at 12:00 pmNintendo Confirms Breach Nintendo of America publicly disclosed they had been […]
- Data Breach with Eastman Kodak Company
by Stevin on June 22, 2026 at 8:38 pmEastman Kodak Company has confirmed that they have been breached by an […]
BleepingComputer BleepingComputer – All Stories
- The Exploit Doesn’t Exist. You Can Still Prove It Works Against Youby Sponsored by Picus Security on June 23, 2026 at 2:01 pm
Attackers can now weaponize newly disclosed vulnerabilities far faster than […]
- LastPass confirms data breach in Klue supply chain attackby Bill Toulas on June 23, 2026 at 1:58 pm
LastPass announced that hackers accessed customer data from its Salesforce […]
- Webinar: Why email security teams are drowning in alertsby BleepingComputer on June 23, 2026 at 12:12 pm
Phishing, BEC, and account takeover attacks continue to overwhelm security […]
TechCrunch Startup and Technology News
- Password manager maker LastPass says hackers stole customer support case data…by Zack Whittaker on June 23, 2026 at 3:12 pm
This is the second data breach to affect LastPass customers in recent years, […]
- HaloBraid raises $7M from Seven Seven Six to end the six-hour hair salon…by Dominic-Madori Davis on June 23, 2026 at 3:09 pm
HaloBraid aims to help salons speed up braiding with its first device, slated […]
- Meta debuts new, cheaper smart glasses under its own brandby Aisha Malik on June 23, 2026 at 2:11 pm
The smart glasses are available in several countries starting today in a […]
The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns
by [email protected] (The Hacker News) on June 23, 2026 at 2:22 pmGitHub is moving to strengthen software supply chain security by updating […]
- Agentic AI: The Weapon That No Longer Needs a Warrior
by [email protected] (The Hacker News) on June 23, 2026 at 11:30 amEvery weapon begins as an extension of the hand that holds it. The spear […]
- Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
by [email protected] (The Hacker News) on June 23, 2026 at 8:54 amCybersecurity researchers have discovered a set of malicious npm packages that […]
The DFIR Report Actionable Cyber Threat Intelligence
- Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomwareby editor on May 11, 2026 at 2:05 pm
The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In March 2026, a Windows variant campaign was reported by Atos, with their investigation showing evidence of activity going back to the previous December. In April, we The post Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware appeared first on The DFIR Report.
- Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvestingby editor on April 22, 2026 at 2:51 pm
Key Takeaways We identified an exposed server that provided unusual visibility into a large-scale, multi-victim exploitation and collection operation. Artifacts on the host showed that Claude Code and OpenClaw were embedded in the operator’s day-to-day workflow, supporting troubleshooting, orchestration, and refinement of the collection pipeline. This AI-assisted workflow resulted in the modular platform Bissa scanner The post Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting appeared first on The DFIR Report.
- Apache ActiveMQ Exploit Leads to LockBit Ransomwareby editor on February 23, 2026 at 2:09 pm
Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon. This intrusion began in mid-February 2024 after a threat actor exploited a vulnerability (CVE-2023-46604) on an exposed Apache ActiveMQ server. The threat actor was able to perform remote code execution (RCE) by using a Java Spring class and a custom Java Spring The post Apache ActiveMQ Exploit Leads to LockBit Ransomware appeared first on The DFIR Report.
Biz & IT – Ars Technica Serving the Technologist since 1998. News, reviews, and analysis.
- Following user outcry, AMD reinstates memory encryption in consumer CPUs
by Dan Goodin on June 22, 2026 at 7:16 pmCritics saw the move as an underhanded way to steer them toward more costly […]
- Microsoft discovers new lightweight backdoor that steals cryptocurrency
by Dan Goodin on June 18, 2026 at 11:28 pmCrypto Clipper spreads over USB and communicates over Tor.
- Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
by Dan Goodin on June 18, 2026 at 7:41 pmThe vulnerability, disclosed 12 months ago, affects multiple manufacturers.
Websec Cybersecurity Blog Expert insights, trends, research findings, and best practices from Websec security team to help you strengthen your organization’s security posture.
- A Comparison Between the Real User ID and the Effective User ID is not Enough to Prevent Privilege Escalationby Websec Security Team on October 3, 2023 at 7:39 pm
In Unix-like systems, processes have a real and effective user ID determining their access permissions. While usually identical, they can differ in situations like when the setuid bit is activated in executables.
- Websec DevSecOps Webinarby Websec Security Team on August 29, 2022 at 12:00 am
Roberto Salgado and Kobalt.io’s Miki Fukushima are hosting a free webinar on September 20, 2022 covering why application security matters, the shift to developer-first security, and a practical roadmap for embedding security into DevSecOps.
- CVE-2022-21404: Another story of developers fixing vulnerabilities unknowingly because of CodeQLby Websec Security Team on May 19, 2022 at 6:18 pm
How CodeQL may help reduce false negatives within Open-Source projects. Taking a look into a deserialization vulnerability within Oracle Helidon (CVE-2022-21404).