SECFEED — Daily Cybersecurity News Digest

SECFEED // DATE──────── // TIME──:──:── UTC // FEEDS/ // TODAY // INGESTLIVE · ·

Daily cybersecurity intelligence, summarized.

CVEs, exploits and breach reports from vetted security feeds — ranked CRITICAL to INFO, each with an AI-written summary. One digest email a day. No ads, no tracking.

▸ Get the daily digest How it works
FILTER
NAV JK · OPEN
LOADING…
PAGE 1 OF 1
▸ GET DAILY DIGEST
One email per day. CRITICAL + HIGH highlighted, AI summary per article. No tracking, unsubscribe instantly.
SIGN IN
ACCOUNT · SETTINGS
PRO FEATURES · REAL-TIME ALERTS PRO
PRO FEATURES — FREE FOR EARLY ADOPTERS UNTIL SEP 1, 2026 · DAYS LEFT · THE DIGEST STAYS FREE
WHAT — Push every new article matching your severity threshold to Slack, Discord or a generic JSON endpoint. Fired automatically after each fetch cycle (every 60 min). No delivery if nothing matches.
▸ HOW TO SET UP

SLACK

  1. Open the Slack workspace where you want alerts. Go to api.slack.com/apps.
  2. Click Create New AppFrom scratch. Name it (e.g. "SECFEED"), pick the workspace.
  3. In the app settings → Incoming Webhooks → toggle ON.
  4. Click Add New Webhook to Workspace, pick a channel, copy the URL (starts with https://hooks.slack.com/services/...).
  5. Paste it below, choose severities, click ADD.

DISCORD

  1. In your Discord server, right-click the target channel → Edit Channel.
  2. IntegrationsWebhooksNew Webhook. Name it, copy the URL.
  3. Paste below, choose DISCORD as type, save.

GENERIC (your own server)

  1. Expose any HTTPS endpoint that accepts POST with JSON body.
  2. Payload shape:
{
  "sentAt": "ISO timestamp",
  "subscriber": { "email": "you@example.com" },
  "articles": [
    {
      "title":       "...",
      "url":         "...",
      "source":      "bleepingcomputer",
      "severity":    "CRITICAL",
      "cveIds":      ["CVE-2026-..."],
      "publishedAt": "ISO timestamp",
      "summary":     "AI summary or feed excerpt"
    }
  ]
}

NOTES

  • Pick only the severities you care about — default is CRITICAL + HIGH.
  • Use the TEST action on a saved webhook to send a sample article.
  • If a webhook fails 5x in a row it’s auto-disabled. Re-enable manually after fixing.
— NO WEBHOOKS CONFIGURED —
+ ADD WEBHOOK
TYPE
URL
LABEL
SEVERITIES
WHAT — Pin specific CVE IDs. When any new article mentions one of them, you get an instant email + webhook push (regardless of your severity threshold). Use this for vulnerabilities you’re actively patching or watching.
▸ HOW TO USE
  1. Paste CVE IDs in the box below — one per line or comma-separated.
  2. Format: CVE-YYYY-NNNNN (case-insensitive, auto-normalized to uppercase).
  3. Click SAVE WATCHLIST. Limit: 100 IDs.
  4. You’ll get notified the moment a feed publishes an article tagged with one of these IDs. Alerts route to: registered email + all enabled webhooks.

EXAMPLE

CVE-2026-12345
CVE-2026-67890, CVE-2025-44567

NOTES

  • Matching is exact-ID, not pattern: CVE-2026-12345 won’t match CVE-2026-123456.
  • An article only triggers once per CVE per subscriber — no duplicate spam.
  • Remove an ID anytime: clear the line, save again.
0 / 100
WHAT — Watch for any word or pattern in article titles + summaries. On match: instant email + webhook push. Useful for vendor names, product names, threat actor groups, or anything not covered by severity filters.
▸ HOW TO USE

LITERAL (recommended)

  • Plain text, case-insensitive, partial-word match.
  • Examples: ransomware, fortigate, lockbit, citrix bleed.
  • fortinet matches both "Fortinet" and "fortinetadvisory".

REGEX (advanced)

  • JavaScript regex syntax, case-insensitive by default.
  • Examples:
    • \bCVE-2026-\d{4,7}\b — any 2026 CVE
    • (zero[- ]day|0day) — zero-day mentions
    • (apt[- ]?\d+|lazarus|fin\d) — APT groups
  • Invalid regex is rejected at save time.

HOW IT FIRES

  1. After every fetch cycle, new articles are scanned against your monitors.
  2. First match per article triggers email + webhook with the matched monitor label.
  3. One article = one notification even if it matches multiple monitors.

NOTES

  • Keep keyword length > 3 chars to avoid noisy matches.
  • Use the LABEL field to remember why you added it (e.g. "internal IR ticket #2031").
  • Disable a monitor anytime without losing it — or delete to remove permanently.
— NO KEYWORD MONITORS —
+ ADD KEYWORD MONITOR
TYPE
KEYWORD
LABEL
▸ PRO PLAN REAL-TIME WEBHOOK ALERTS · CVE WATCHLIST · KEYWORD MONITORS · INSTANT EMAIL ON MATCHES
FILTERS