diff --git a/README.md b/README.md index 71ae57c..b6a6c60 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,10 @@ space, user space, core dumps, and swap space. - Restrict kernel profiling and the performance events system to `CAP_PERFMON`. +- Force the kernel to panic on "oopses" that can potentially indicate and thwart + certain kernel exploitation attempts. Provide the option to reboot immediately + on a kernel panic. + - Randomize the addresses (ASLR) for mmap base, stack, VDSO pages, and heap. - Disable asynchronous I/O as `io_uring` has been the source diff --git a/usr/lib/sysctl.d/990-security-misc.conf b/usr/lib/sysctl.d/990-security-misc.conf index 7b07033..7eb1a73 100644 --- a/usr/lib/sysctl.d/990-security-misc.conf +++ b/usr/lib/sysctl.d/990-security-misc.conf @@ -109,6 +109,18 @@ kernel.sysrq=0 ## kernel.perf_event_paranoid=3 +## Force the kernel to panic on "oopses". +## Can sometimes potentially indicate and thwart certain kernel exploitation attempts. +## Also cause panics on machine check exceptions. +## Panics may be due to false-positives such as bad drivers. +## +## https://forums.whonix.org/t/set-oops-panic-kernel-parameter-or-kernel-panic-on-oops-1-sysctl-for-better-security/7713 +## +## See /usr/libexec/security-misc/panic-on-oops for implementation. +## +#kernel.panic_on_oops=1 +#kernel.panic=-1 + ## Enable ASLR for mmap base, stack, VDSO pages, and heap. ## Heap randomization can lead to breakages with legacy applications. ## diff --git a/usr/libexec/security-misc/panic-on-oops b/usr/libexec/security-misc/panic-on-oops index 907ee69..2fc25c8 100755 --- a/usr/libexec/security-misc/panic-on-oops +++ b/usr/libexec/security-misc/panic-on-oops @@ -16,3 +16,4 @@ fi ## from continuing to run a flawed processes. Many kernel exploits ## will also cause an oops which this will make the kernel kill. sysctl kernel.panic_on_oops=1 +#sysctl kernel.panic=-1
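Review bot: In the README.md hunk, the new bullet reads as if the oopses themselves "indicate and thwart" exploitation attempts, and it does not say that the reboot option is off by default. The oops is the indicator and the panic is what stops the kernel from continuing, so consider wording such as "Force the kernel to panic on oopses, which can indicate kernel exploitation attempts, so that it does not keep running afterwards". It would also help to state that immediate reboot on panic (`kernel.panic=-1`) is added commented out in this patch and has to be enabled by the user.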
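Review bot: In the usr/lib/sysctl.d/990-security-misc.conf hunk, the comment line "Also cause panics on machine check exceptions" is not backed by anything in the block: the only two entries under it are `#kernel.panic_on_oops=1` and `#kernel.panic=-1`, and nothing in this hunk configures machine check handling. Either drop that line or point to where that behaviour is set. The block also never explains `kernel.panic=-1`; add a line saying that a negative value makes the kernel reboot immediately on panic, and that both entries are commented out here because `kernel.panic_on_oops` is applied by the referenced script.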
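Review bot: In the usr/libexec/security-misc/panic-on-oops hunk, `#sysctl kernel.panic=-1` is added as a commented-out line with no comment saying what it does or how it is meant to be enabled. The same setting is also added commented out in 990-security-misc.conf, so it is unclear which of the two a user is expected to uncomment. A script under /usr/libexec is normally package-owned, which makes the sysctl.d file the more natural place for an opt-in toggle. Consider dropping the line here, or adding a comment above it that points to the sysctl.d entry.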