§About
Why this exists.
Most security newsletters are either too shallow (a paragraph per incident, written by a junior) or too dense (a wall of links with no editorial judgment). This one tries to be neither.
The problem
Every morning, a security professional opens fifteen browser tabs. An hour later, they have read maybe three of them, retained maybe one, and never got around to the blog they actually bookmarked last week.
The supply of security writing keeps growing. Attention does not.
The principle
sec-news.ai is editorially curated, which means one person picks the sources, decides what matters, and keeps out what doesn't. AI writes the prose; a human makes the calls.
That is the whole difference. Not the volume. Not the speed. The judgment.
The promise
- Three short emails a week: Monday, Wednesday, Friday.
- Each one: four articles, two minutes to read, a few actions to take.
- Every article: rewritten in plain English, linked back to the original source.
- Plus a dedicated CVE alert when something is detected as a major CVE.
- No clickbait. No affiliate links. No sponsored editorial.
Who writes it
Guillaume Bonnet. A cybersecurity professional who got tired of skimming his own inbox and decided to fix it for everyone else.
Every editorial call you read in a dispatch (which story leads, which one gets cut, which CVE deserves its own alert) comes from one human making a judgment. The AI writes the paragraphs. It does not pick the news.
Spotted a mistake or a missing source? Say so on LinkedIn or via the submit page. A reply always comes back from a human.
What we cover
50+ sources across four buckets: operational security news (Bleeping Computer, The Hacker News, Krebs, SecurityWeek), vendor advisories (Microsoft MSRC, Google Project Zero, Cisco Talos, GitHub Security), official bodies (CISA, NIST, ENISA), and academic preprints.
What we deliberately don't cover: marketing research reports from vendors, LinkedIn hot takes, RSAC press releases, and the ten-thousandth “top 10 cybersecurity predictions” list.
What we don't do
- ×Sponsored editorial. A paid placement would compromise the one thing that makes this useful.
- ×Sell or share your email. Stripe handles payments; nobody else sees your data.
- ×Track you across the web. Analytics are cookieless and aggregate only.
- ×Interrupt your day for nothing. Three scheduled emails per week, plus real-time alerts only for CVEs that actually matter.
If that sounds like a newsletter you'd actually open, try it.
