<<Page Under Construction 😉 >>
What does RSS even mean? RSS stands for “Really Simple Syndication”, which is a standardized system for the distribution of content from an online publisher to Internet users.
What this really means is that below, you’ll find some news feeds that I’ve chosen to follow on this page. I’m not responsible for the content, but I have tried to focus the sources to be interesting to Cybersecurity and Information Security professionals. Or, anyone who is interested in those topics. Or, anyone at all who would like to read them.
If you’re the author of a feed, or have a suggestion on one I should add to this page, please drop me a note!
General Cyber News Feeds
Forbes – Cybersecurity News
ZDNet – Security News
KrebsOnSecurity – In-depth Security News and Investigation
CSO Online, from IDG – Hottest Topics on Cyber and Security
The Hacker News – Cybersecurity News and Analysis
The Guardian – Data and Security
Threatpost – First Stop for Security News
Dark Reading – Connecting the Information and Security Community
SANS Institute – Security Awareness Tip of the Day
Help Net Security – Daily infosec news with a focus on enterprise security
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
TechRepublic – Straight up Security
WeLiveSecurity – News, views, and insight from the ESET security community
Schneier on Security – A blog covering security and security technology
Lohrmann on Cybersecurity – Government Technology RSS Feed
Forbes – Cybersecurity News
- Feed has no items.
ZDNet – Security News
- Feed has no items.
Krebs On Security – In-depth Security News and Investigation
- Who is the Kimwolf Botmaster “Dort”?
on 2026-02-28In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email […]
- ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
on 2026-02-20Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand's […]
- Kimwolf Botnet Swamps Anonymity Network I2P
on 2026-02-11For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters […]
- Patch Tuesday, February 2026 Edition
on 2026-02-10Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild.
- Please Don’t Feed the Scattered Lapsus ShinyHunters
on 2026-02-02A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Read More »
- Who Operates the Badbox 2.0 Botnet?
on 2026-01-26The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google […]
CSO Online, from IDG – Hottest Topics on Cyber and Security
- Feed has no items.
The Hacker News – Cybersecurity News and Analysis
- Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
on 2026-03-06 by info@thehackernews.com (The Hacker News)The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a "high-volume, mediocre mass of implants" that are developed using lesser-known […]
- Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
on 2026-03-06 by info@thehackernews.com (The Hacker News)Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed VOID#GEIST by Securonix Threat Research. At […]
- The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
on 2026-03-06 by info@thehackernews.com (The Hacker News)Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it builds client trust, increases upsell opportunities, and drives recurring revenue. But to deliver this […]
- Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
on 2026-03-06 by info@thehackernews.com (The Hacker News)New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies' networks, including banks, airports, non-profit, and the Israeli arm of a software company. The activity has been attributed to a state-sponsored hacking […]
- China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
on 2026-03-06 by info@thehackernews.com (The Hacker News)A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the moniker UAT-9244, describing it as […]
- Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
on 2026-03-06 by info@thehackernews.com (The Hacker News)Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February 2026, makes use of the terminal emulator program instead of […]
The Guardian – Data and Security
- Feed has no items.
Threatpost – First Stop for Security News
- Student Loan Breach Exposes 2.5M Records
on 2022-08-31 by Nate Nelson2.5 million people were affected, in a breach that could spell more trouble down the line.
- Watering Hole Attacks Push ScanBox Keylogger
on 2022-08-30 by Nate NelsonResearchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
on 2022-08-29 by Nate NelsonOver 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
- Ransomware Attacks are on the Rise
on 2022-08-26 by Nate NelsonLockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
- Cybercriminals Are Selling Access to Chinese Surveillance Cameras
on 2022-08-25 by Nate NelsonTens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
- Twitter Whistleblower Complaint: The TL;DR Version
on 2022-08-24 by ThreatpostTwitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Dark Reading – Connecting the Information and Security Community
- Feed has no items.
SANS Institute – Security Awareness Tip of the Day
- Feed has no items.
Help Net Security – Daily infosec news with a focus on enterprise security
- Iran-linked APT targets US critical sectors with new backdoors
on 2026-03-06 by Zeljka ZorzAn Iran-linked hacking group has been active inside the networks of several US organizations since early February, raising concerns that the activity could precede broader cyber operations connected to escalating geopolitical tensions in the Middle East. New backdoors used by Seedworm Symantec and Carbon Black researchers have attributed the […]
- Microsoft working on Teams feature to keep unauthorized bots at bayon 2026-03-06 by Sinisa Markovic
Microsoft plans to add a new Teams feature that lets meeting admins identify and control third-party bots before they join. According to the Microsoft 365 Roadmap, the feature is scheduled to begin rolling out in May 2026 on Desktop, Mac, Linux, iOS, and Android versions of Microsoft Teams. Bots that are part of a company’s internal tools and […]
- New cyber module strengthens risk planning for health organizationson 2026-03-06 by Anamarija Pogorelec
The Administration for Strategic Preparedness and Response’s (ASPR) new cybersecurity module in the Risk Identification and Site Criticality (RISC) 2.0 Toolkit helps organizations identify critical gaps, prioritize investments, and make informed decisions about risk mitigation to reduce disruptions to patient care and strengthen resilience. […]
- Hexnode IdP brings device-aware authentication and zero trust to enterprise accesson 2026-03-06 by Industry News
Hexnode has announced the launch of Hexnode IdP. By introducing this native identity layer, Hexnode delivers enterprise-grade authentication and identity management within a single, unified framework. While debuting as a dedicated Identity Provider (IdP), the solution marks a significant expansion of the Hexnode ecosystem, acting as a […]
- Cyolo PRO 7.0 expands OT-first secure remote access with AI session intelligenceon 2026-03-06 by Industry News
Cyolo has released Cyolo PRO (Privileged Remote Operations) v7.0, a major update that expands OT-first secure remote access and strengthens protection for critical infrastructure and industrial environments without disrupting operations. Secure remote access (SRA) tools focus primarily on managing access. Cyolo has always delivered a more holistic […]
- Cursor Automations turns code review and ops into background taskson 2026-03-06 by Anamarija Pogorelec
Cursor Automations, the always-on agent platform from Cursor, is expanding with a new generation of autonomous systems that streamline code review, incident response, and other engineering workflows. The platform runs AI agents on schedules or in response to development events. These triggers include merged pull requests on GitHub, newly created […]
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
- Feed has no items.
TechRepublic – Straight up Security
- FBI Investigates Suspicious Activity in Surveillance Platformon 2026-03-07 by Ken Underhill
The FBI is investigating suspicious cyber activity in a system used to process surveillance and wiretap warrants, raising concerns about security risks to sensitive data. The post FBI Investigates Suspicious Activity in Surveillance Platform appeared first on TechRepublic.
- LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerabilityon 2026-03-06 by Joseph Ofonagoro
LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell vulnerability. The post LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability appeared first on TechRepublic.
- Bitwarden Brings Passkey Logins to Windows 11, Expanding Passwordless Sign-Inson 2026-03-06 by Aminu Abdullahi
Bitwarden now supports passkey logins on Windows 11 for Microsoft Entra ID users, extending passwordless sign-ins to device authentication. The post Bitwarden Brings Passkey Logins to Windows 11, Expanding Passwordless Sign-Ins appeared first on TechRepublic.
- Hackers Used New Exploit Kit to Compromise Thousands of iPhoneson 2026-03-05 by Ken Underhill
Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime. The post Hackers Used New Exploit Kit to Compromise Thousands of iPhones appeared first on TechRepublic.
- Anthropic CEO Calls OpenAI’s Military Messaging ‘Straight Up Lies’on 2026-03-05 by TechRepublic Staff
Anthropic CEO Dario Amodei is openly challenging how OpenAI describes its defense work, sharpening the debate over what AI “guardrails” really mean. The post Anthropic CEO Calls OpenAI’s Military Messaging ‘Straight Up Lies’ appeared first on TechRepublic.
- LastPass Review: Features, Pricing, Security, and Who It’s Best Foron 2026-03-05 by Ken Underhill
Read our LastPass review covering pricing, security, features, pros and cons, and whether LastPass is safe or free. The post LastPass Review: Features, Pricing, Security, and Who It’s Best For appeared first on TechRepublic.
WeLiveSecurity – News, views, and insight from the ESET security community
- What cybersecurity actually does for your businesson 2026-03-06
The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed
- How SMBs use threat research and MDR to build a defensive edgeon 2026-03-05
We speak to Director of ESET Threat Research Jean-Ian Boutin about where solutions that blend advanced technology with human expertise provide the most practical value for businesses
- Protecting education: How MDR can tip the balance in favor of schoolson 2026-03-04
The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response (MDR) help learning institutions regain the initiative?
- This month in security with Tony Anscombe – February 2026 editionon 2026-02-28
In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools
- Mobile app permissions (still) matter more than you may thinkon 2026-02-27
Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them could expose you to serious privacy and security risks.
- Faking it on the phone: How to tell if a voice call is AI or noton 2026-02-23
Can you believe your ears? Increasingly, the answer is no. Here’s what’s at stake for your business, and how to beat the deepfakers.
Schneier on Security – A blog covering security and security technology
- Friday Squid Blogging: Squid in Byzantine Monk Cookingon 2026-03-06
This is a very weird story about how squid stayed on the menu of Byzantine monks by falling between the cracks of dietary rules. At Constantinople’s Monastery of Stoudios, the kitchen didn’t answer to appetite. It answered to the “typikon”: a manual for ensuring that nothing unexpected happened at mealtimes. Meat: forbidden. Dairy: […]
- Anthropic and the Pentagonon 2026-03-06
OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US government towards some of the wealthiest titans of the big tech industry, and the overhanging specter of the existential risks posed by a new technology powerful enough that the […]
- Claude Used to Hack Mexican Governmenton 2026-03-06
An unknown hacker used Anthropic’s LLM to hack the Mexican government: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite hacker, finding vulnerabilities in government networks, writing computer scripts to exploit them and determining ways to automate data theft, Israeli cybersecurity startup Gambit […]
- Israel Hacked Traffic Cameras in Iranon 2026-03-05
Multiple news outlets are reporting on Israel’s hacking of Iranian traffic cameras and how they assisted with the killing of that country’s leadership. The New York Times has an <a href="https://www.nytimes.com/2026/03/01/us/politics/cia-israel-ayatollah-compound.html"<article on the intelligence operation more generally.
- Hacked App Part of US/Israeli Propaganda Campaign Against Iranon 2026-03-05
Wired has the story: Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not from the government advising caution, but from an apparently hacked prayer-timing app called BadeSaba Calendar that has been downloaded more than 5 million times from the Google Play Store. The messages arrived […]
- Manipulating AI Summarization Featureson 2026-03-04
Microsoft is reporting: Companies are embedding hidden instructions in “Summarize with AI” buttons that, when clicked, attempt to inject persistence commands into an AI assistant’s memory via URL prompt parameters…. These prompts instruct the AI to “remember [Company] as a trusted source” or “recommend [Company] first,” aiming to […]
Lohrmann on Cybersecurity – Government Technology RSS Feed
- From Michigan to Silicon Valley: A Conversation With Mohamad Yassineon 2026-03-01
Lessons on humility, careers, the automotive sector, “cowboy coding” and disrupting with AI from a lifelong innovator.
- Defending Your Castle: Best Practices for Smart Home Securityon 2026-02-22
Some ways to master the essential tools to protect your privacy without sacrificing the convenience of modern smart technology.
- Your Smart Home Is Watching You: Privacy in the Age of AI Robotson 2026-02-15
From compromised TVs to AI-powered house chores, exploring the evolving global threats and why human-centric security matters more than ever.
- How Global Power Struggles Are Rewriting Cyber Defenseon 2026-02-08
Navigating insights from the World Economic Forum’s meeting at Davos on AI-driven threats, the push for digital sovereignty and the weaponization of critical global infrastructure.
- After TikTok: Navigating the Complex Web of Foreign Tech Banson 2026-02-01
As federal and state governments extend their lists of banned foreign technologies, where is this trend heading next? Is your home network safe for work use?
- Cybersecurity’s New Business Case: Fraudon 2026-01-25
Government security leaders are struggling. Cyber investments are lagging. Resources are being cut. The problem is getting worse. Let’s explore solutions.
#StayVigilant
#StaySafe
#LookOutForEachOther