11 articles tagged with "Threat Intelligence"
Internal database of #2 ransomware group leaked after 4VPS hosting breach exposes chat logs, affiliate rosters, and operational playbooks from 400+ attacks.
CVE-2026-27960 in OpenCTI 6.6.0-6.9.12 allows unauthenticated API access as any user, including admin. Upgrade to 6.9.13 or disable the default admin account.
Check Point researchers gained access to a SystemBC C2 server operated by The Gentlemen ransomware group, uncovering over 1,570 compromised corporate networks that haven't been publicly disclosed.
The best threat intelligence APIs for enriching IOCs, detecting malware, and integrating threat data into your SIEM and security workflows.
Modern ransomware gangs have weaponized fear, legal liability, and deadline pressure. Here's how extortion tactics have fundamentally changed.
CyberArk exploited a vulnerability in the StealC infostealer's control panel to identify threat actors, steal session cookies, and track an operator who compromised 5,000 victims.
GreyNoise honeypot data reveals coordinated reconnaissance of LLM infrastructure including OpenAI, Claude, and Ollama deployments over 11 days.
Qilin has hit 1,000+ victims. Everest targets critical infrastructure. Here's what security teams need to know about today's most active ransomware operations.
A new ransomware group has compromised at least six healthcare organizations in Taiwan using BYOVD attacks to disable security software before encryption.
Cybersecurity firm Resecurity reveals that hackers claiming to have breached their systems only accessed a deliberately deployed honeypot containing fake data designed to monitor threat actor activity.
Ransomware tracking data shows 63 total claims from 6 groups on December 26. LockBit's revival dominates holiday attack wave targeting reduced security staff.