feed.sh
$ fetch-rss --list-sources
→ Bad Sector Labs · Bleeping Computer · Cloudflare Blog · CNCF Blog · HashiCorp Blog · Infosecurity Magazine · Krebs on Security · Last Week in AWS · Risky Business · Risky Business Newsletter · SANS Internet Stormcast · Schneier on Security · Security Brief NZ · The Hacker News · The New Stack · The Register · Troy Hunt
$ fetch-rss --stats
→ 141 articles · 17 sources · refreshed on deploy
Bad Sector Labs ↗
SecurityResearch
Bleeping Computer ↗
SecurityMalware
- 18 Apr Critical flaw in Protobuf library enables JavaScript code execution ↗
- 18 Apr Microsoft Teams right-click paste broken by Edge update bug ↗
- 18 Apr NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support ↗
- 17 Apr Payouts King ransomware uses QEMU VMs to bypass endpoint security ↗
- 17 Apr Grinex exchange blames "Western intelligence" for $13.7M crypto hack ↗
- 17 Apr Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops ↗
- 17 Apr Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery ↗
- 17 Apr CISA flags Apache ActiveMQ flaw as actively exploited in attacks ↗
- 17 Apr Microsoft: Some Windows servers enter reboot loops after April patches ↗
- 17 Apr Man gets 30 months for selling thousands of hacked DraftKings accounts ↗
Cloudflare Blog ↗
CloudInfrastructure
- 17 Apr Introducing the Agent Readiness score. Is your site agent-ready? ↗
- 17 Apr Shared Dictionaries: compression that keeps up with the agentic web ↗
- 17 Apr Agents that remember: introducing Agent Memory ↗
- 17 Apr Introducing Flagship: feature flags built for the age of AI ↗
- 17 Apr Agents Week: network performance update ↗
- 17 Apr Redirects for AI Training enforces canonical content ↗
- 17 Apr Unweight: how we compressed an LLM 22% without sacrificing quality ↗
- 16 Apr Cloudflare’s AI Platform: an inference layer designed for agents ↗
- 16 Apr Building the foundation for running extra-large language models ↗
- 16 Apr Artifacts: versioned storage that speaks Git ↗
CNCF Blog ↗
KubernetesCloud
- 17 Apr K3s on On-Prem Infrastructures the GitOps Way: Writing a Custom k0rdent Template from Scratch ↗
- 16 Apr The AI-driven shift in vulnerability discovery: What maintainers and bug finders need to know ↗
- 16 Apr How To Measure the ROI of Developer Tools ↗
- 13 Apr ingress-nginx to Envoy Gateway migration on CNCF internal services cluster ↗
- 11 Apr What I Learned at My First KubeCon + CloudNativeCon as a High School Speaker ↗
- 10 Apr Rethinking platform engineering through diverse perspectives at KubeCon + CloudNativeCon EU Amsterdam ↗
- 09 Apr CNCF and PyTorch communities come together at KubeCon + CloudNativeCon China 2026: CFP now open ↗
- 06 Apr Peer-to-Peer acceleration for AI model distribution with Dragonfly ↗
- 02 Apr GitOps policy-as-code: Securing Kubernetes with Argo CD and Kyverno ↗
- 31 Mar Sustaining OpenTelemetry: Moving from dependency management to stewardship ↗
HashiCorp Blog ↗
InfrastructureDevOps
- 17 Apr Advancing secret sync with workload identity federation ↗
- 15 Apr Agentic AI changes the shape of trust ↗
- 14 Apr Vault Enterprise 2.0 modernizes identity security at scale ↗
- 09 Apr Simplifying Terraform dynamic credentials on AWS with native OIDC integration ↗
- 01 Apr AWS permission delegation now generally available in HCP Terraform ↗
- 01 Apr HCP Terraform adds IP allow lists ↗
- 27 Mar Modernizing governance on HCP with multi-owner and global automation ↗
- 26 Mar LAB3 accelerates cloud modernization with HashiCorp-powered unified workflows ↗
- 20 Mar Agentic runtime security: Solving agentic AI identity and access gaps ↗
Infosecurity Magazine ↗
Security
- 17 Apr Commercial AI Models Show Rapid Gains in Vulnerability Research ↗
- 17 Apr DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’ ↗
- 16 Apr US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea ↗
- 16 Apr APK Malformation Found in Thousands of Android Malware Samples ↗
- 16 Apr Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack ↗
- 16 Apr NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities ↗
- 16 Apr Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads ↗
- 16 Apr Automotive Ransomware Attacks Double in a Year ↗
- 15 Apr OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI ↗
- 15 Apr European Cybersecurity Agency ENISA Seeks Top-Tier Status in CVE Program ↗
Krebs on Security ↗
Security
- 14 Apr Patch Tuesday, April 2026 Edition ↗
- 07 Apr Russia Hacked Routers to Steal Microsoft Office Tokens ↗
- 06 Apr Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab ↗
- 23 Mar ‘CanisterWorm’ Springs Wiper Attack Targeting Iran ↗
- 20 Mar Feds Disrupt IoT Botnets Behind Huge DDoS Attacks ↗
Last Week in AWS ↗
CloudAWS
Risky Business ↗
SecurityPodcast
- 15 Apr Risky Business #833 -- The Great Mythos Freakout of 2026 ↗
- 09 Apr Snake Oilers: Burp AI, Sondera and Truffle Security ↗
- 08 Apr Risky Business #832 -- Anthropic unveils magical 0day computer God ↗
- 03 Apr How the World Got Owned Episode 2: The 1990s, Part One ↗
- 01 Apr Risky Business #831 -- The AI bugpocalypse begins ↗
- 27 Mar Soap Box: Red teaming AI systems with SpecterOps ↗
- 25 Mar Risky Business #830 -- LiteLLM and security scanner supply chains compromised ↗
Risky Business Newsletter ↗
SecurityNewsletter
- 17 Apr Risky Bulletin: NIST gives up enriching most CVEs ↗
- 16 Apr Srsly Risky Biz: It Is Time to Ban Sale of Precise Geolocation ↗
- 15 Apr Risky Bulletin: Malicious LLM proxy routers found in the wild ↗
- 13 Apr Risky Bulletin: France takes first steps to ditch Windows for Linux ↗
- 10 Apr Risky Bulletin: FBI extracted Signal chats from iPhone notifications logs ↗
- 09 Apr Srsly Risky Biz: American Diplomats to Fight Propaganda… on X ↗
- 08 Apr Risky Bulletin: Cybercrime losses passed $20 billion last year ↗
- 06 Apr Risky Bulletin: New Cambodian law will put scam compound operators in prison for life ↗
- 03 Apr Risky Bulletin: Russia will revoke licenses for unruly ISPs ↗
- 02 Apr Srsly Risky Biz: America's Next Top (Cyber) Model ↗
SANS Internet Stormcast ↗
SecurityThreats
- 17 Apr ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th) ↗
- 17 Apr Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th) ↗
- 16 Apr [Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th) ↗
- 16 Apr ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th) ↗
- 15 Apr ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th) ↗
- 15 Apr Scanning for AI Models, (Tue, Apr 14th) ↗
- 14 Apr Microsoft Patch Tuesday April 2026., (Tue, Apr 14th) ↗
- 14 Apr ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th) ↗
- 13 Apr Scans for EncystPHP Webshell, (Mon, Apr 13th) ↗
- 13 Apr ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th) ↗
Schneier on Security ↗
SecurityPrivacy
- 17 Apr Friday Squid Blogging: New Giant Squid Video ↗
- 17 Apr Mythos and Cybersecurity ↗
- 16 Apr Human Trust of AI Agents ↗
- 15 Apr Defense in Depth, Medieval Style ↗
- 14 Apr Upcoming Speaking Engagements ↗
- 14 Apr How Hackers Are Thinking About AI ↗
- 13 Apr On Anthropic’s Mythos Preview and Project Glasswing ↗
- 13 Apr AI Chatbots and Trust ↗
- 10 Apr Friday Squid Blogging: Squid Overfishing in the South Pacific ↗
- 10 Apr Sen. Sanders Talks to Claude About AI and Privacy ↗
Security Brief NZ ↗
SecurityNZ
- 17 Apr Team Cymru launches Total Insights Feeds for threat data ↗
- 17 Apr FIRST conference highlights AI & CVE disclosure push ↗
- 17 Apr Protegrity launches AI Team Edition for secure inferencing ↗
- 17 Apr OpenAI launches Trusted Access for Cyber with major names ↗
- 17 Apr Anthropic launches Claude Opus 4.7 with stronger coding ↗
- 17 Apr CIQ launches Linux compliance platform ahead of deadlines ↗
- 17 Apr Emerson & OPSWAT strike global reseller deal for OT patching ↗
- 17 Apr IWF & Cyacomb launch workplace abuse material scans ↗
- 17 Apr Cork Cyber adds automated mapping to Vantage platform ↗
- 17 Apr How Atomgate uses education and partnership to drive successful SonicWall upgrades ↗
The Hacker News ↗
Security
- 18 Apr [Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data ↗
- 18 Apr $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims ↗
- 18 Apr Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet ↗
- 17 Apr Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched ↗
- 17 Apr Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul ↗
- 17 Apr NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions ↗
- 17 Apr Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts ↗
- 17 Apr Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation ↗
- 16 Apr Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic ↗
- 16 Apr ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories ↗
The New Stack ↗
CloudDevOps
- 18 Apr Anthropic, OpenAI, Google, and Microsoft agree that the harness is the product. They disagree on the price. ↗
- 18 Apr Google and OpenAI are making a run at Claude’s desktop moat, and Anthropic is making it easy ↗
- 17 Apr How to prepare your company for the era of agentic ITops ↗
- 17 Apr Anthropic launches Claude Design, a Figma and Canva rival built on Claude ↗
- 17 Apr 3 steps to escaping the “break-fix” trap ↗
- 17 Apr Why Postgres wants NVMe on the hot path, and S3 everywhere else ↗
- 16 Apr As agentic AI explodes, Amazon doubles down on MCP ↗
- 16 Apr Hugging Face pushes into “computer use” with HoloTab agent that works through your browser ↗
- 16 Apr Who will maintain the web when PHP’s veterans retire? ↗
- 16 Apr Claude Opus 4.7 arrives with better vision, memory, and instruction-following ↗
The Register ↗
SecurityTech
- 17 Apr CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack ↗
- 17 Apr Opsec oopsie: Dutch navy frigate location outed by mailing it a Bluetooth tracker ↗
- 17 Apr Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug ↗
- 17 Apr Claude Opus wrote a Chrome exploit for $2,283 ↗
- 16 Apr Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say ↗
- 16 Apr North Korea targets macOS users in latest heist ↗
- 16 Apr Americans who masterminded Nork IT worker fraud sentenced to 200 months behind bars ↗
- 16 Apr Git identity spoof fools Claude into giving bad code the nod ↗
- 16 Apr Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed ↗
- 16 Apr Microsoft announces product it doesn't want anyone to buy ↗
Troy Hunt ↗
Security