<<Page Under Construction đ >>
What does RSS even mean? RSS stands for “Really Simple Syndication”, which is a standardized system for the distribution of content from an online publisher to Internet users.
What this really means is that below, you’ll find some news feeds that I’ve chosen to follow on this page. I’m not responsible for the content, but I have tried to focus the sources to be interesting to Cybersecurity and Information Security professionals. Or, anyone who is interested in those topics. Or, anyone at all who would like to read them.
If you’re the author of a feed, or have a suggestion on one I should add to this page, please drop me a note!
General Cyber News Feeds
Forbes – Cybersecurity News
ZDNet – Security News
KrebsOnSecurity – In-depth Security News and Investigation
CSO Online, from IDG – Hottest Topics on Cyber and Security
The Hacker News – Cybersecurity News and Analysis
The Guardian – Data and Security
Threatpost – First Stop for Security News
Dark Reading – Connecting the Information and Security Community
SANS Institute – Security Awareness Tip of the Day
Help Net Security – Daily infosec news with a focus on enterprise security
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
TechRepublic – Straight up Security
WeLiveSecurity – News, views, and insight from the ESET security community
Schneier on Security – A blog covering security and security technology
Lohrmann on Cybersecurity – Government Technology RSS Feed
Forbes – Cybersecurity News
- Feed has no items.
ZDNet – Security News
- Feed has no items.
Krebs On Security – In-depth Security News and Investigation
- âScattered Spiderâ Member âTylerbâ Pleads Guilty
on 2026-04-21A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology […]
- Patch Tuesday, April 2026 Edition
on 2026-04-14Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for […]
- Russia Hacked Routers to Steal Microsoft Office Tokens
on 2026-04-07Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without […]
- Germany Doxes âUNKN,â Head of RU Ransomware Gangs REvil, GandCrab
on 2026-04-06An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the […]
- âCanisterWormâ Springs Wiper Attack Targeting Iran
on 2026-03-23A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.
- Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
on 2026-03-20The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are […]
CSO Online, from IDG – Hottest Topics on Cyber and Security
- Feed has no items.
The Hacker News – Cybersecurity News and Analysis
- Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
on 2026-04-24 by info@thehackernews.com (The Hacker News)The AI Agent Authority Gap - From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is often framed too narrowly. The issue is not simply that agents are new actors. It is that agents are delegated actors. They do not emerge with […]
- 26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
on 2026-04-24 by info@thehackernews.com (The Hacker News)Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and private keys since at least fall 2025. "Once launched, these apps redirect users to browser pages designed to look similar to the App Store and […]
- Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
on 2026-04-24 by info@thehackernews.com (The Hacker News)Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access. Zscaler ThreatLabz, which discovered the campaign […]
- LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
on 2026-04-24 by info@thehackernews.com (The Hacker News)A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than 13 hours after its public disclosure. The vulnerability, tracked as CVE-2026-33626 (CVSS score: 7.5), relates to a Server-Side Request Forgery (SSRF) […]
- UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware
on 2026-04-23 by info@thehackernews.com (The Hacker News)A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. "As with many other intrusions in recent years, UNC6692 relied heavily on impersonating IT help desk employees, convincing […]
- Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
on 2026-04-23 by info@thehackernews.com (The Hacker News)Bitwarden CLI, the command-line interface for the password manager Bitwarden, has reportedly been compromised as part of a newly discovered and ongoing Checkmarx supply chain campaign, according to findings from JFrog and Socket. "The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code […]
The Guardian – Data and Security
- Feed has no items.
Threatpost – First Stop for Security News
- Student Loan Breach Exposes 2.5M Records
on 2022-08-31 by Nate Nelson2.5 million people were affected, in a breach that could spell more trouble down the line.
- Watering Hole Attacks Push ScanBox Keylogger
on 2022-08-30 by Nate NelsonResearchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
- Tentacles of â0ktapusâ Threat Group Victimize 130 Firms
on 2022-08-29 by Nate NelsonOver 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
- Ransomware Attacks are on the Rise
on 2022-08-26 by Nate NelsonLockbit is by far this summerâs most prolific ransomware group, trailed by two offshoots of the Conti group.
- Cybercriminals Are Selling Access to Chinese Surveillance Cameras
on 2022-08-25 by Nate NelsonTens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
- Twitter Whistleblower Complaint: The TL;DR Version
on 2022-08-24 by ThreatpostTwitter is blasted for security and privacy lapses by the companyâs former head of security who alleges the social media giantâs actions amount to a national security risk.
Dark Reading – Connecting the Information and Security Community
- Feed has no items.
SANS Institute – Security Awareness Tip of the Day
- Feed has no items.
Help Net Security – Daily infosec news with a focus on enterprise security
- Feed has no items.
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
- Feed has no items.
TechRepublic – Straight up Security
- Apple Fixes iPhone Bug After FBI Retrieved Signal Messages
on 2026-04-23 by Joseph OfonagoroApple patched an iPhone notification bug that let deleted messages linger in system storage, closing a privacy gap exposed by an FBI Signal case. The post Apple Fixes iPhone Bug After FBI Retrieved Signal Messages appeared first on TechRepublic.
- Googleâs Pixel Update Sparks âSevereâ Battery Drain Across Multiple Modelson 2026-04-23 by Aminu Abdullahi
Google Pixel users are reporting severe battery drain after recent Android updates, with complaints spanning multiple models and no confirmed fix yet. The post Googleâs Pixel Update Sparks âSevereâ Battery Drain Across Multiple Models appeared first on TechRepublic.
- Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposedon 2026-04-22 by Ken Underhill
More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says was exploited as a zero-day. The post Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed appeared first on TechRepublic.
- Vonage, Girls Who Code Show What âResponsible AIâ Looks Likeon 2026-04-22 by Zeus Kerravala
Vonageâs partnership with Girls Who Code is more than feel-good philanthropy; itâs a blueprint for building diverse AI talent pipelines. The post Vonage, Girls Who Code Show What âResponsible AIâ Looks Like appeared first on TechRepublic.
- Mozilla Fixes 271 Firefox Bugs Using Anthropicâs Mythos AIon 2026-04-22 by Aminu Abdullahi
Mozilla says Firefox 150 patches 271 vulnerabilities found with Anthropicâs restricted Mythos AI, highlighting how quickly AI-driven bug hunting is accelerating. The post Mozilla Fixes 271 Firefox Bugs Using Anthropicâs Mythos AI appeared first on TechRepublic.
- Fake Google Antigravity Installer Can Steal Accounts in Minuteson 2026-04-22 by Kezia Jungco
Fake Antigravity downloads are enabling fast account takeovers using hidden malware and stolen session cookies. The post Fake Google Antigravity Installer Can Steal Accounts in Minutes appeared first on TechRepublic.
WeLiveSecurity – News, views, and insight from the ESET security community
- GopherWhisper: A burrow full of malwareon 2026-04-23
ESET Research has discovered a new China-aligned APT group that weâve named GopherWhisper, which targets Mongolian governmental institutions
- New NGate variant hides in a trojanized NFC payment appon 2026-04-21
ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI
- What the ransom note wonât sayon 2026-04-20
An attack is what you see, but a business operation is what youâre up against
- That data breach alert might be a trapon 2026-04-17
Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.
- Supply chain dependencies: Have you checked your blind spot?on 2026-04-16
Your biggest risk may be a vendor you trust. How can SMBs map their third-party blind spots and build operational resilience?
- Recovery scammers hit you when youâre down: Hereâs how to avoid a second strikeon 2026-04-10
If youâve been a victim of fraud, youâre likely already a lead on a âsucker listâ â and if youâre not careful, your ordeal may be about to get worse.
Schneier on Security – A blog covering security and security technology
- Hiding Bluetooth Trackers in Mailon 2026-04-24
It was used to track a Dutch naval ship: Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted on the Dutch government website and mailed a postcard with a hidden tracker inside. Because of this, they were able to track the ship for about a day, watching it sail from Heraklion, Crete, […]
- FBI Extracts Deleted Signal Messages from iPhone Notification Databaseon 2026-04-23
404 Media reports (alternate site): The FBI was able to forensically extract copies of incoming Signal messages from a defendantâs iPhone, even after the app was deleted, because copies of the content were saved in the deviceâs push notification databaseâŚ. The news shows how forensic extractionâÂwhen someone has physical access to a […]
- ICE Uses Graphite Spywareon 2026-04-22
ICE has admitted that it uses spyware from the Israeli company Graphite.
- Mexican Surveillance Companyon 2026-04-21
Grupo Seguritech is a Mexican surveillance company that is expanding into the US.
- Is âSatoshi Nakamotoâ Really Adam Back?on 2026-04-20
The New York Times has a long article where the author lays out an impressive array of circumstantial evidence that the inventor of Bitcoin is the cypherpunk Adam Back. I donât know. The article is convincing, but itâs written to be convincing. I canât remember if I ever met Adam. I was a member of the Cypherpunks mailing list for a while, […]
- Friday Squid Blogging: New Giant Squid Videoon 2026-04-17
Pretty fantastic video from Japan of a giant squid eating another squid. As usual, you can also use this squid post to talk about the security stories in the news that I havenât covered. Blog moderation policy.
Lohrmann on Cybersecurity – Government Technology RSS Feed
- A History of Global Hacking â and Where Itâs Going Nexton 2026-04-19
In her new book, Code War: How Nations Hack, Spy, and Shape the Digital Battlefield, Allie Mellen provides true stories of the current cyber war and, importantly, what might be ahead.
- Why Anthropicâs Mythos Is a Systemic Shift for Global Cybersecurityon 2026-04-12
With the release of Anthropicâs Project Glasswing and Claude Mythos, how should CISOs navigate the arrival of automated exploit chaining, collapsing patch cycles and the inevitable rise of adversarial AI?
- Post-Quantum Cryptography: Moving From Awareness to Executionon 2026-04-05
Google recently released important research that moves Q-Day â the day quantum computers will be able to âbreak the Internetâ â up to 2029. How should enterprises secure their systems?
- RSAC 2026 Highlights: From Agentic AI to Active Defenseon 2026-03-29
How can enterprises scale cyber defenses for the coming agentic workforce? What are the top cyber trends and challenges flowing from our new normal? Letâs explore through an RSAC lens.
- What Is Physical AI, and What Does It Mean for Government?on 2026-03-22
From Davos insights to state readiness, letâs explore how robotics and sensors are moving artificial intelligence into the physical world.
- New Federal Strategies, Rising Risk From Iran Top Cyber Themeson 2026-03-15
When cybersecurity experts from the public and private sectors gathered this week, AI and critical infrastructure took a back seat to frontline defense in light of recent international headlines.
#StayVigilant
#StaySafe
#LookOutForEachOther