danielmiessler
Security news aggregation from tldrsec, no.security, and other sources. USE WHEN security news, security updates, what's new in security, breaches, security research, sec updates. SkillSearch('secupdates') for docs.
bunx add-skill danielmiessler/personal_ai_infrastructure -s SECUpdatesLoadingβ¦
Before executing, check for user customizations at:
~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/SECUpdates/
If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.
Send this notification BEFORE doing anything else:
curl -s -X POST http://localhost:8888/notify \
-H "Content-Type: application/json" \
-d '{"message": "Checking security updates from sources"}' \
> /dev/null 2>&1 &
Purpose: Aggregate security news from multiple sources into crisp, ranked updates across three categories.
| Source | URL | Type |
|---|---|---|
| tl;dr sec | https://tldrsec.com | Newsletter/RSS - comprehensive security roundup |
| No Security | https://no.security |
| Caleb Sima's security insights |
| Krebs on Security | https://krebsonsecurity.com | Investigative security journalism |
| The Hacker News | https://thehackernews.com | Security news and analysis |
| Schneier on Security | https://schneier.com | Bruce Schneier's security blog |
| Risky Business | https://risky.biz | Security podcast/news |
Custom sources: Add to USER/SKILLCUSTOMIZATIONS/SECUpdates/sources.json
Maximum 32 items total across all categories, ranked by importance within each.
# Security Updates
**Generated:** [timestamp]
**Sources Checked:** [list]
**Period:** Since [last check date]
---
## π΄ Security News (Breaches & Incidents)
*Hacks, breaches, exploits in the wild, incidents*
1. **[Headline]** - [1-2 sentence summary]. [Source]
2. **[Headline]** - [1-2 sentence summary]. [Source]
...
---
## π¬ Security Research
*New vulnerabilities, CVEs, techniques, papers*
1. **[Title]** - [1-2 sentence summary]. [Source]
2. **[Title]** - [1-2 sentence summary]. [Source]
...
---
## π‘ Security Ideas
*Opinions, strategies, industry trends, career*
1. **[Title]** - [1-2 sentence summary]. [Source]
2. **[Title]** - [1-2 sentence summary]. [Source]
...
---
## π Summary
| Category | Count | Top Item |
|----------|-------|----------|
| News | X | [headline] |
| Research | X | [title] |
| Ideas | X | [title] |
**Total:** X/32 items | **Next check:** Run `/secupdates` anytime
Within each category, rank items by:
State file: State/last-check.json
{
"last_check_timestamp": "2026-01-22T12:00:00.000Z",
"sources": {
"tldrsec": {
"last_hash": "abc123",
"last_checked": "2026-01-22T12:00:00.000Z",
"last_title": "tl;dr sec #XXX"
},
"nosecurity": {
"last_hash": "def456",
"last_checked": "2026-01-22T12:00:00.000Z"
}
}
}
On each run:
# Read last check timestamp
cat ~/.claude/skills/SECUpdates/State/last-check.json
Launch parallel agents to fetch each source:
| Agent | Source | Method |
|---|---|---|
| Agent 1 | tldrsec.com | WebFetch latest newsletter |
| Agent 2 | no.security | WebFetch recent posts |
| Agent 3 | krebsonsecurity.com | WebFetch recent articles |
| Agent 4 | thehackernews.com | WebFetch headlines |
| Agent 5 | schneier.com | WebFetch recent posts |
For each item found:
| Workflow | Trigger | File |
|---|---|---|
| Update | "security updates", "sec updates", "/secupdates", "what's new in security" | Workflows/Update.md |
Default: Run the Update workflow.
# Security Updates
**Generated:** 2026-01-22 12:09 PST
**Sources Checked:** tldrsec, no.security, Krebs, THN, Schneier
**Period:** Since 2026-01-20
---
## π΄ Security News (Breaches & Incidents)
1. **Microsoft Azure Breach Exposes 2M Customer Records** - Misconfigured storage blob allowed unauthorized access to customer data including emails and phone numbers. [Krebs]
2. **LockBit 4.0 Ransomware Hits Healthcare Chain** - 15 hospitals affected, patient data encrypted, $10M ransom demanded. [THN]
3. **Ivanti VPN Zero-Day Actively Exploited** - CVE-2026-XXXX being used by Chinese APT groups against government targets. [tldrsec]
---
## π¬ Security Research
1. **New Spectre Variant Bypasses All Mitigations** - Researchers demonstrate "Spectre-NG" affecting Intel and AMD processors, no patch available. [tldrsec]
2. **OAuth Token Theft via Browser Extension** - Novel technique allows stealing tokens from any site using malicious extension. [no.security]
3. **SSRF in AWS IMDSv2** - Bypass discovered in metadata service protections. [tldrsec]
---
## π‘ Security Ideas
1. **The Death of Perimeter Security** - Caleb Sima argues zero-trust is no longer optional after recent breaches. [no.security]
2. **CISO Burnout at All-Time High** - Survey shows 70% considering leaving the field within 2 years. [tldrsec]
3. **AI-Generated Phishing Now Indistinguishable** - Schneier on the implications of LLM-powered social engineering. [Schneier]
---
## π Summary
| Category | Count | Top Item |
|----------|-------|----------|
| News | 3 | Microsoft Azure Breach |
| Research | 3 | New Spectre Variant |
| Ideas | 3 | Death of Perimeter Security |
**Total:** 9/32 items | **Next check:** Run `/secupdates` anytime
| β Bad | β Good |
|---|---|
| Long paragraph summaries | 1-2 crisp sentences |
| "Read more at..." | Summary + source attribution |
| Unranked list dumps | Importance-ordered items |
| 50+ items | Max 32, quality curated |
| Mixing categories | Clear News/Research/Ideas separation |
| Old news mixed with new | Only items since last check |
Use when you need to run Flow type checking, or when seeing Flow type errors in React code.
Use when you want to validate changes before committing, or when you need to check all React contribution requirements.
Use when feature flag tests fail, flags need updating, understanding @gate pragmas, debugging channel-specific test failures, or adding new flags to React.
Use when you need to check feature flag states, compare channels, or debug why a feature behaves differently across release channels.