diff --git a/security/README.md b/security/README.md
index 6e963dc..0ad82bb 100644
--- a/security/README.md
+++ b/security/README.md
@@ -7,6 +7,8 @@
 * [Breach: Reviving The Crime Attack (2013)](http://breachattack.com/resources/BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf)
 * [Why Silent Updates Boost Security (2009)](http://www.techzoom.net/Papers/Browser_Silent_Updates_%282009%29.pdf)
 * [A survey of coordinated attacks and collaborative intrusion detection (2010)](https://www.tk.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TK/zhou2010survey.pdf)
+* [Meltdown (2018)](https://meltdownattack.com/meltdown.pdf)
+* [Spectre Attacks: Exploiting Speculative Execution (2018)](https://spectreattack.com/spectre.pdf)
 
 * :scroll: [Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud (2014)](macaroons-cookies-with-contextual-caveats.pdf)
 * :scroll: [Insertion, Evasion, and Denial of Service: eluding network intrusion detection (1998)](ids-evasion-ptacek-newsham.pdf)