this post was submitted on 22 May 2026
0 points (NaN% liked)
cybersecurity
6170 readers
1 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
99% of cybersecurity news is what I call "cyberslop" and probably actively harmful to consume.
The vast majority of it is either so trivial that somebody else handled it, and you don't need to do anything. Like they often overhype a malware that doesn't do any novel techniques to get onto your systems and has already been added to the antivirus database anyways.
Or it's so grand in scale that you can't do anything, like nation states doing nation state things. Interesting yes, but it's ultimately a waste of my time to consume because it's not actionable.
Only a tiny fraction of news is actually actionable. It's usually stuff like cve's or zero days and the like. I just only really pay attention to those and ignore everything else.
Better, is probably to subscribe to an actual vulnerability feed so you don't have to go through the news cycle.
Even looking at CVE causes so much fatigue.
Actually I ended up deploying opencve with very few alerts for high cvss score only for critical assets like domain controllers, firewall and vpn gateway.
Even that can’t be the only trusted and exhaustive source, because of sometimes you miss vulnerability that affect your product but is not directly assigned to it.
(-‸ლ)
[edit]: added ascii art meme stay off topic