Basic:
- Your OS vendor – Don’t complain about 0-day exploits if you aren’t protected from script kiddies.
- Antivirus Vendor
- Anti Malware Vendor
In Depth:
- Kreb’s Security Blog – Active, current, well respected
- CERT – Alert to vulnerabilities and attacks
- Sans Institute – Large site, but good stuff