Subscribe via RSS

Get every SCW post delivered to your favorite feed reader — no algorithms, no missed updates.

Feed URL

Open in a feed reader

● Feedly Most popular feed reader ● Inoreader Power-user features ● NewsBlur Open source reader Raw Feed Copy URL into any reader

What is RSS?

RSS lets you subscribe to websites and get new posts delivered automatically — like email, but without the spam. You choose a feed reader app, add our feed URL, and every new SCW post appears there instantly.

No account needed on our site. No tracking. No algorithms deciding what you see.

Other ways to follow SCW

Telegram Channel LinkedIn Email Newsletter

Feed Schema for Integrators

SCW uses the scw: XML namespace (https://shimiscyberworld.com/ns/1.0) to expose structured threat intelligence alongside standard Atom fields. All fields are consistent across post types.

Classification

Element	Values	Always Present
`<scw:severity>`	CRITICAL, HIGH, MEDIUM, LOW	Yes
`<scw:cvss>`	Attributes: `score` (float), `severity`, `vector`	NVD posts only
`<scw:event_type>`	vulnerability, data-breach, ransomware, espionage, fraud, supply-chain, defacement, advisory, tool-release, research, other	Yes
`<scw:section>`	vulnerabilities, live-feed	Yes
`<scw:tlp>`	TLP:CLEAR (default), TLP:GREEN, TLP:AMBER	Yes

Source Attribution

Element	Attributes
`<scw:source>`	`name` — generalized source name: "National Vulnerability Database", "SCW Curated Intelligence", or "SCW Daily Digest" `channel` — feed channel type: NVD, OSINT, or Digest

Source URLs and direct links are not included in the public feed. Full attribution is available on each post's page.

Vulnerability Data

Element	Description
`<scw:cwe>`	CWE weakness identifier (e.g., CWE-79, CWE-89). Multiple elements per entry.

Entities

Element	Attributes / Values
`<scw:organization>`	`name` — organization name `domain` — domain name (when known) `role` — victim, vendor, threat-actor, or other
`<scw:threat_actor>`	Named threat group (e.g., APT28, LockBit, Handala)
`<scw:malware>`	Malware family name (e.g., BlackCat, QakBot)
`<scw:country>`	ISO 3166-1 alpha-2 code (e.g., US, IL, CN)

Indicators of Compromise

Element	Attributes
`<scw:ioc>`	`type` — ipv4, ipv6, domain, url, md5, sha1, sha256, email, affected-product `indicator` — the IOC value

Note: Generic stub IOCs (CVE IDs and CWE IDs repeated as indicators) are excluded from the feed. Only actionable IOCs are emitted.

MITRE ATT&CK

Element	Attributes
`<scw:mitre>`	`id` — technique ID (e.g., T1190, T1059.001) `name` — technique name `tactic` — tactic name (e.g., Initial Access, Execution)

Detection

Element	Attributes
`<scw:detection>`	`rules` — total detection rule count `free` — number of free/open rules

Tags (Atom `<category>`)

Standard Atom <category term="..."> elements. Tags follow a controlled vocabulary:

Category	Tags
Severity	`critical`, `high-severity`, `medium-severity`
Type	`vulnerability`, `cve`, `malware`, `ransomware`, `data-breach`, `phishing`, `threat-intel`
Domain	`cloud`, `microsoft`, `identity`, `ai-security`, `tools`
Weakness	`cwe-79`, `cwe-89`, etc.
Vendor	Slugified vendor names from affected products (e.g., `wordpress`, `cisco`)

Example Entry

<entry>
  <title>Critical RCE in Apache Struts</title>
  <published>2026-04-16T08:00:00Z</published>
  <category term="vulnerability" />
  <category term="cve" />
  <category term="critical" />
  <category term="cwe-94" />
  <category term="apache" />
  <scw:severity>CRITICAL</scw:severity>
  <scw:cvss score="9.8" severity="CRITICAL" vector="CVSS:3.1/..." />
  <scw:event_type>vulnerability</scw:event_type>
  <scw:section>vulnerabilities</scw:section>
  <scw:tlp>TLP:CLEAR</scw:tlp>
  <scw:source name="National Vulnerability Database" channel="NVD" />
  <scw:cwe>CWE-94</scw:cwe>
  <scw:organization name="Apache" domain="apache.org" role="vendor" />
  <scw:mitre id="T1190" name="Exploit Public-Facing Application" tactic="Initial Access" />
  <scw:detection rules="3" free="1" />
</entry>