Direct Links | Infosec News Feeds
The San Francisco Beat
SFInfoSec aggregates the latest news, podcasts and books covering Cyber Security, Hacking, Infosec, Online Privacy, Cryptography, Threat Research and Vulnerability Disclosures from all the leading sources.
Threatpost The First Stop For Security News
- Student Loan Breach Exposes 2.5M Records
by Nate Nelson on August 31, 2022 at 12:57 pm2.5 million people were affected, in a breach that could spell more trouble […]
- Watering Hole Attacks Push ScanBox Keylogger
by Nate Nelson on August 30, 2022 at 4:00 pmResearchers uncover a watering hole attack likely carried out by APT TA423, […]
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
by Nate Nelson on August 29, 2022 at 2:56 pmOver 130 companies tangled in sprawling phishing campaign that spoofed a […]
Krebs on Security In-depth security news and investigation
- Who Runs the Ransomware Group ‘The Gentlemen?’
by BrianKrebs on June 10, 2026 at 2:03 pmA cybercrime group known as The Gentlemen has emerged as the second most active […]
- A Record-Breaking Patch Tuesday for June 2026
by BrianKrebs on June 9, 2026 at 10:07 pmMicrosoft today released software updates to plug nearly 200 security holes […]
- Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
by BrianKrebs on June 1, 2026 at 5:32 pmThe Instagram accounts for the Obama White House and the Chief Master Sergeant […]
darkreading Public RSS feed
- ‘Lorem Ipsum’ Malware Pivots to…
by Jai Vijayan on June 16, 2026 at 3:10 pmNew analysis shows the campaign, which uses compromised WordPress sites, may be […]
- Copilot ‘SearchLeak’ Attack Allows…
by Alexander Culafi on June 15, 2026 at 7:27 pmThe critical, three-stage attack is now patched, but it’s part of a new group […]
- China-Nexus Actor Spies on US…
by Elizabeth Montalbano on June 15, 2026 at 5:00 pmGoogle discovered and disrupted the sprawling campaign, which stole RedCAP […]
Blog RSS Feed Fortra Blog
- 3 Years In: How Is AI Doing? SANS Weighs Inby Katrina Thompson on December 15, 2025 at 8:09 am
It’s no secret that AI is “here.” It’s been here for three years now, […]
- What Is Log Management and Why you Need itby Anirudh Chand on November 24, 2025 at 6:00 am
It is arguable that log management forms the basis of modern cybersecurity. […]
- What Did We Learn from the NCSC’s 2025 Annual Review?by Josh Breaker-Rolfe on November 21, 2025 at 11:47 am
Earlier this year, the UK’s National Cyber Security Centre (NCSC) released […]
Security Latest Channel Description
- Meta Tapped a Pentagon Supplier to Prototype Face Recognition for Its Glasses
by Dell Cameron, Dhruv Mehrotra on June 15, 2026 at 9:00 amRank One, whose board includes a former CIA deputy director and a former FBI […]
- The FCC Wants to Kill Burner Phones
by Andy Greenberg, Lily Hay Newman on June 13, 2026 at 10:30 amPlus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, […]
- Grok Is Still Hosting Sexualized Deepfakes of Famous Women
by Matt Burgess on June 11, 2026 at 7:41 pmA WIRED investigation found dozens of “nudified” deepfake images and videos […]
- Flock Cameras Are Being Used for Stalkingby Bruce Schneier on June 16, 2026 at 11:03 am
There are over a dozen cases around the country where police officers are using […]
- The FCC Wants to Eliminate Burner Phonesby Bruce Schneier on June 15, 2026 at 11:01 am
A proposed FCC rule would kill burner phones: phones whose accounts are not […]
- Upcoming Speaking Engagementsby Bruce Schneier on June 14, 2026 at 4:07 pm
This is a current list of where and when I am scheduled to speak: I’m giving […]
GRAHAM CLULEY Cybersecurity keynote speaker
- Maine forced to take down data breach portal after fake notices filed with…by Graham Cluley on June 15, 2026 at 1:23 pm
The US state of Maine has taken its public data breach notification portal […]
- Privacy own-goal: World Cup blunder leaks Lionel Messi’s passport detailsby Graham Cluley on June 12, 2026 at 6:48 pm
Argentina’s World Cup squad had their passport numbers leaked before a ball was […]
- Silent Ransom Group: what you need to knowby Graham Cluley on June 11, 2026 at 3:43 pm
Most extortion gangs hide behind a keyboard. Silent Ransom Group will phone […]
Cyber Defense Magazine InfoSec Knowledge is Power
- Crypto’s Biggest Unresolved Risk Is Not Theft Of Assets, It’s The Collapse…
by News team on June 16, 2026 at 1:00 pmDeepfake and synthetic identity attacks on major financial institutions are […]
- Could GPU-Accelerated EDR Improve The Future Of Endpoint Detection?
by News team on June 15, 2026 at 1:00 pmThe growing computational challenge in endpoint detection Ever wonder how […]
- CMMC Is Exposing A Major Gap In The Defense Supply Chain
by News team on June 14, 2026 at 1:00 pmFor many defense contractors, cybersecurity compliance has long been treated as […]
BleepingComputer BleepingComputer – All Stories
- UK to require ID or face scan before you can make social media accountsby Ax Sharma on June 16, 2026 at 2:38 pm
Opening a new social media account in the UK will soon mean proving you’re […]
- GhostTree Attack Abused Recursive Windows Junctions to Hide Malwareby Sponsored by Varonis on June 16, 2026 at 2:17 pm
GhostTree uses recursive NTFS junctions to generate vast numbers of valid […]
- FTC warns of record $3.5 billion losses to imposter scams in 2025by Sergiu Gatlan on June 16, 2026 at 1:42 pm
The U.S. Federal Trade Commission (FTC) warned that Americans lost $3.5 […]
TechCrunch Startup and Technology News
- SpaceX is public: Everything you need to know post-IPOby Kirsten Korosec, Russell Brandom on June 16, 2026 at 3:53 pm
TechCrunch has followed SpaceX’s start, struggles, and successes from the early […]
- India orders temporary ban on Telegram over exam fraud concernsby Jagmeet Singh on June 16, 2026 at 3:49 pm
The restrictions include a nationwide ban on Telegram until June 22 and a […]
- Payments startup Flutterwave hits $3.2B valuation, backed by Rippleby Dominic-Madori Davis on June 16, 2026 at 3:35 pm
African payments infrastructure company Flutterwave has hit a new valuation and […]
The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
by [email protected] (The Hacker News) on June 16, 2026 at 1:10 pmSecurity researchers at Zimperium’s zLabs have documented a new Android […]
- Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still…
by [email protected] (The Hacker News) on June 16, 2026 at 11:30 amSecurity teams have never had more IP data at their disposal. Every day, […]
- Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
by [email protected] (The Hacker News) on June 16, 2026 at 10:30 amBad actors are exploiting multiple security vulnerabilities in Fortinet […]
The DFIR Report Actionable Cyber Threat Intelligence
- Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomwareby editor on May 11, 2026 at 2:05 pm
The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In March 2026, a Windows variant campaign was reported by Atos, with their investigation showing evidence of activity going back to the previous December. In April, we The post Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware appeared first on The DFIR Report.
- Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvestingby editor on April 22, 2026 at 2:51 pm
Key Takeaways We identified an exposed server that provided unusual visibility into a large-scale, multi-victim exploitation and collection operation. Artifacts on the host showed that Claude Code and OpenClaw were embedded in the operator’s day-to-day workflow, supporting troubleshooting, orchestration, and refinement of the collection pipeline. This AI-assisted workflow resulted in the modular platform Bissa scanner The post Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting appeared first on The DFIR Report.
- Apache ActiveMQ Exploit Leads to LockBit Ransomwareby editor on February 23, 2026 at 2:09 pm
Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon. This intrusion began in mid-February 2024 after a threat actor exploited a vulnerability (CVE-2023-46604) on an exposed Apache ActiveMQ server. The threat actor was able to perform remote code execution (RCE) by using a Java Spring class and a custom Java Spring The post Apache ActiveMQ Exploit Leads to LockBit Ransomware appeared first on The DFIR Report.
Biz & IT – Ars Technica Serving the Technologist since 1998. News, reviews, and analysis.
- Critical Copilot vulnerability allowed hackers to seal 2FA code from users
by Dan Goodin on June 16, 2026 at 11:15 amSearchLeak exploit shows why the industry’s approach to LLM security fails over […]
- Users cry foul after AMD stripped memory crypto from its consumer CPUs
by Dan Goodin on June 15, 2026 at 5:55 pmAMD’s stripping of TSME from consumer CPUs appears to be a deliberate, covert […]
- PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
by Dan Goodin on June 12, 2026 at 7:26 pmVulnerability in the Oracle-owned PeopleSoft software is about as critical as […]
Websec Cybersecurity Blog Expert insights, trends, research findings, and best practices from Websec security team to help you strengthen your organization’s security posture.
- A Comparison Between the Real User ID and the Effective User ID is not Enough to Prevent Privilege Escalationby Websec Security Team on October 3, 2023 at 7:39 pm
In Unix-like systems, processes have a real and effective user ID determining their access permissions. While usually identical, they can differ in situations like when the setuid bit is activated in executables.
- Websec DevSecOps Webinarby Websec Security Team on August 29, 2022 at 12:00 am
Roberto Salgado and Kobalt.io’s Miki Fukushima are hosting a free webinar on September 20, 2022 covering why application security matters, the shift to developer-first security, and a practical roadmap for embedding security into DevSecOps.
- CVE-2022-21404: Another story of developers fixing vulnerabilities unknowingly because of CodeQLby Websec Security Team on May 19, 2022 at 6:18 pm
How CodeQL may help reduce false negatives within Open-Source projects. Taking a look into a deserialization vulnerability within Oracle Helidon (CVE-2022-21404).