Direct Links | Infosec News Feeds
The San Francisco Beat
SFInfoSec aggregates the latest news, podcasts and books covering Cyber Security, Hacking, Infosec, Online Privacy, Cryptography, Threat Research and Vulnerability Disclosures from all the leading sources.
Threatpost The First Stop For Security News
- Student Loan Breach Exposes 2.5M Records
by Nate Nelson on August 31, 2022 at 12:57 pm2.5 million people were affected, in a breach that could spell more trouble […]
- Watering Hole Attacks Push ScanBox Keylogger
by Nate Nelson on August 30, 2022 at 4:00 pmResearchers uncover a watering hole attack likely carried out by APT TA423, […]
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
by Nate Nelson on August 29, 2022 at 2:56 pmOver 130 companies tangled in sprawling phishing campaign that spoofed a […]
Krebs on Security In-depth security news and investigation
- Who Runs the Ransomware Group ‘The Gentlemen?’
by BrianKrebs on June 10, 2026 at 2:03 pmA cybercrime group known as The Gentlemen has emerged as the second most active […]
- A Record-Breaking Patch Tuesday for June 2026
by BrianKrebs on June 9, 2026 at 10:07 pmMicrosoft today released software updates to plug nearly 200 security holes […]
- Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
by BrianKrebs on June 1, 2026 at 5:32 pmThe Instagram accounts for the Obama White House and the Chief Master Sergeant […]
darkreading Public RSS feed
- Name That Toon Contest
.png?width=720&quality=80&disable=upscale "Name That Toon Contest")
on June 26, 2026 at 11:00 am - Chinese, N. Korean Threat Groups Build…
by Robert Lemos on June 11, 2026 at 12:01 amNorth Korea’s gross domestic product (GDP) has grown, in part because of the […]
- CISA Rewrites Federal Patching…
by Jai Vijayan on June 10, 2026 at 9:17 pmThe new directive gives federal agencies three days to fix the most dangerous […]
Blog RSS Feed Fortra Blog
- 3 Years In: How Is AI Doing? SANS Weighs Inby Katrina Thompson on December 15, 2025 at 8:09 am
It’s no secret that AI is “here.” It’s been here for three years now, […]
- What Is Log Management and Why you Need itby Anirudh Chand on November 24, 2025 at 6:00 am
It is arguable that log management forms the basis of modern cybersecurity. […]
- What Did We Learn from the NCSC’s 2025 Annual Review?by Josh Breaker-Rolfe on November 21, 2025 at 11:47 am
Earlier this year, the UK’s National Cyber Security Centre (NCSC) released […]
Security Latest Channel Description
- CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI…
by Lily Hay Newman on June 10, 2026 at 8:55 pm“Defenders cannot afford to take weeks to patch,” one Cybersecurity and […]
- Trump Risks Key Surveillance Authority Over ‘Unqualified’ Spy-Chief Pick
by Dell Cameron on June 10, 2026 at 8:28 pmUS lawmakers are alarmed that Bill Pulte, a housing official with no […]
- Wrongful Arrest Exposes Failures in One of the Oldest Police Face-Recognition…
by Dell Cameron on June 10, 2026 at 2:00 pmThe ACLU is suing two Florida police departments over the arrest of a Fort […]
- Enhanced License Plate Trackingby Bruce Schneier on June 11, 2026 at 11:01 am
The surveillance company Leonardo wants more data: A surveillance company plans […]
- NSO Group Hacking WhatsApp Despite Court Orderby Bruce Schneier on June 10, 2026 at 11:08 am
WhatsApp has caught the NSO Group phishing its users, in violation of a court […]
- GPS As a Key Distribution Platformby Bruce Schneier on June 9, 2026 at 3:06 pm
This is interesting: The U.S. military has likely been quietly broadcasting […]
GRAHAM CLULEY Cybersecurity keynote speaker
- Smashing Security podcast #471: This AI worm just rewrote its own rulesby Graham Cluley on June 10, 2026 at 11:15 pm
Researchers at the University of Toronto have built a worm that thinks for […]
- Why schools remain one of cybercriminals’ favourite targetsby Graham Cluley on June 10, 2026 at 1:18 pm
Schools on both sides of the Atlantic have been revealed in recent days to have […]
- Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn…by Graham Cluley on June 5, 2026 at 5:13 pm
If you’ve ever received an out-of-the-blue message via LinkedIn from a […]
BleepingComputer BleepingComputer – All Stories
- Microsoft fixes BitLocker recovery bug on Windows Server 2025by Sergiu Gatlan on June 11, 2026 at 8:44 am
Microsoft has resolved a known issue causing some Windows Server 2025 devices […]
- Nottingham University data breach affects over 450,000 studentsby Sergiu Gatlan on June 11, 2026 at 7:27 am
The University of Nottingham confirmed on Wednesday that a hacking group […]
- Max severity Ivanti Sentry vulnerability now exploited in attacksby Sergiu Gatlan on June 11, 2026 at 6:20 am
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti […]
TechCrunch Startup and Technology News
- Opendoor’s India exit is fueling a bigger conversation about AI and…by Jagmeet Singh on June 11, 2026 at 4:02 am
The decision comes as India emerges as the world’s largest GCC market.
- Anthropic’s Dario Amodei has just one direct reportby Connie Loizos on June 11, 2026 at 3:53 am
If you doubted his genius, doubt no more.
- xAI fired an engineer who raised alarms about Grok safety, new lawsuit claimsby Rebecca Bellan on June 10, 2026 at 10:31 pm
A former xAI engineer is suing the company and SpaceX, alleging he was fired […]
The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
by [email protected] (The Hacker News) on June 11, 2026 at 9:45 amThe Vietnam-aligned threat actor known as OceanLotus has been attributed to two […]
- GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
by [email protected] (The Hacker News) on June 11, 2026 at 6:23 amGitHub has announced what it said are “breaking changes” coming to npm version […]
- China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
by [email protected] (The Hacker News) on June 10, 2026 at 4:08 pmCybersecurity researchers have warned of a “resurgence and expansion” of JDY, a […]
The DFIR Report Actionable Cyber Threat Intelligence
- Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomwareby editor on May 11, 2026 at 2:05 pm
The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In March 2026, a Windows variant campaign was reported by Atos, with their investigation showing evidence of activity going back to the previous December. In April, we The post Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware appeared first on The DFIR Report.
- Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvestingby editor on April 22, 2026 at 2:51 pm
Key Takeaways We identified an exposed server that provided unusual visibility into a large-scale, multi-victim exploitation and collection operation. Artifacts on the host showed that Claude Code and OpenClaw were embedded in the operator’s day-to-day workflow, supporting troubleshooting, orchestration, and refinement of the collection pipeline. This AI-assisted workflow resulted in the modular platform Bissa scanner The post Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting appeared first on The DFIR Report.
- Apache ActiveMQ Exploit Leads to LockBit Ransomwareby editor on February 23, 2026 at 2:09 pm
Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon. This intrusion began in mid-February 2024 after a threat actor exploited a vulnerability (CVE-2023-46604) on an exposed Apache ActiveMQ server. The threat actor was able to perform remote code execution (RCE) by using a Java Spring class and a custom Java Spring The post Apache ActiveMQ Exploit Leads to LockBit Ransomware appeared first on The DFIR Report.
Biz & IT – Ars Technica Serving the Technologist since 1998. News, reviews, and analysis.
- Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
by Dan Goodin on June 9, 2026 at 8:56 pmA separate zero-day also disclosed by Nightmare Eclipse appears to be patched […]
- High-severity vulnerability in Linux caused by a single faulty character
by Dan Goodin on June 9, 2026 at 3:12 pmUse-after-free bug can be exploited to evade sandbox defenses.
- For the 2nd time in weeks, Microsoft packages laced with credential stealer
by Dan Goodin on June 8, 2026 at 6:34 pm73 packages run self-replicating stealer as soon as they’re opened by an AI […]
Websec Cybersecurity Blog Expert insights, trends, research findings, and best practices from Websec security team to help you strengthen your organization’s security posture.
- A Comparison Between the Real User ID and the Effective User ID is not Enough to Prevent Privilege Escalationby Websec Security Team on October 3, 2023 at 7:39 pm
In Unix-like systems, processes have a real and effective user ID determining their access permissions. While usually identical, they can differ in situations like when the setuid bit is activated in executables.
- Websec DevSecOps Webinarby Websec Security Team on August 29, 2022 at 12:00 am
Roberto Salgado and Kobalt.io’s Miki Fukushima are hosting a free webinar on September 20, 2022 covering why application security matters, the shift to developer-first security, and a practical roadmap for embedding security into DevSecOps.
- CVE-2022-21404: Another story of developers fixing vulnerabilities unknowingly because of CodeQLby Websec Security Team on May 19, 2022 at 6:18 pm
How CodeQL may help reduce false negatives within Open-Source projects. Taking a look into a deserialization vulnerability within Oracle Helidon (CVE-2022-21404).