NCSC UK

https://www.ncsc.gov.uk/section/keep-up-to-date/reports-advisories

UK National Cyber Security Centre. /section/keep-up-to-date/threat-reports is a landing page with no actual reports listed. Substantive content lives at /section/keep-up-to-date/reports-advisories (joint advisories, CISA-co-signed) and /section/keep-up-to-date/malware-analysis-reports (technical malware analyses). Drill into individual reports for citation; never cite the landing page itself. NB: the RSS feed at /api/1/services/v1/report-rss-feed.xml has been observed to lag the HTML by months — prefer WebFetch on the HTML index. | 2026-06-20 full audit (v2.62): live=Y, drill=Y. FETCH → bridge: python3 tools/fetch_source.py url https://www.ncsc.gov.uk/section/keep-up-to-date/reports-advisories (parse real article slugs from the index, then `url <article_url>`; article body is JS-rendered so read <title> + <meta description> + dates rather than <p> text). WebFetch the HTML index also works for discovery.. AVOID: RSS at /api/1/services/v1/report-rss-feed.xml lags ~13 months (newest item May 2025) — do NOT use it for recency. CRITICAL: WebFetch's AI summariser MANGLES the article slugs (it returned /news/alert-ncsc-issues-advice-following-global-targeting-fortinet... which 404s; the real slug is /news/advice-following-global-targeting-of-fortinet-firewalls-and-vpn-gateways). Always take the slug from the bridge index, not from WebFetch's reconstructed URL. Never cite the landing page itself..