SEC EDGAR (8-K cyber filings)

https://efts.sec.gov/LATEST/search-index?q=%22Item+1.05%22&forms=8-K

US public-company breach disclosures via Item 1.05; primary source. Use the EDGAR full-text search API at https://efts.sec.gov/LATEST/search-index?q=...&forms=8-K with date range parameters (&dateRange=custom&startdt=YYYY-MM-DD&enddt=YYYY-MM-DD). Best query strings: q=%22Item+1.05%22 (most precise — only material cyber incidents) or q=%22cybersecurity+incident%22 (broader). The API returns metadata only (no doc_text); drill into each match's per-company filing index at https://www.sec.gov/cgi-bin/browse-edgar?action=getcompany&CIK=<CIK>&type=8-K to read the actual filing. Cite the per-filing URL (e.g. /Archives/edgar/data/<CIK>/<accession>/...). | 2026-06-20 full audit (v2.62): live=Y, drill=Y. FETCH → api: `python3 tools/fetch_source.py sec-edgar 8k <startdt> <enddt> 1.05` (returns Item 1.05 hits w/ filing_url) then bridge `url <filing_index>` to find the .htm doc, then bridge `url <doc.htm>` to read the Item 1.05 body. AVOID: The documented efts.sec.gov ...search-index API URL returns metadata only (no doc text) — don't expect the body there. Use the sec-edgar subcommand for discovery, then drill the per-filing .htm. WebFetch on efts JSON is unnecessary..