The Lab · 2026-04-14 11:22:57 · GitHub Issues
A new extractor has been implemented to systematically pull data from the ENISA Known Exploited Vulnerabilities (KEV) catalog. This development moves critical European cybersecurity threat intelligence into a structured, machine-readable format, enabling more efficient analysis and integration into security tools. The ...
The Network · 2026-04-17 12:52:41 · Habr
Sber has opened up to Russian companies the internal cyber threat intelligence platform that it spent eight years building for its own defense. The platform in question is Sber X-Threat Intelligence (X-TI), launched in November 2024. The tool, which offers databases, analytics and monitoring services, costs "exactly zero rubles", which challenges...
The Lab · 2026-05-09 04:01:54 · Mastodon:mastodon.social:#ransomware
The ransomware operation Incransom has published a new entry on its dark web leak site, adding Calsoft Inc to its list of claimed victims. The posting, flagged through open-source threat intelligence channels, suggests the group may have exfiltrated sensitive data from the target and could be preparing to release it un...
The Lab · 2026-05-09 11:01:49 · Mastodon:mastodon.social:#ransomware
MedusaLocker ransomware group has published a new blog post titled "BAVADAI," according to cyber threat intelligence monitoring channels. The post represents the latest activity from the established ransomware operation, flagged across multiple threat intelligence platforms tracking the group's ongoing campaigns. While...
The Lab · 2026-05-09 18:01:41 · Mastodon:mastodon.social:#ransomware
The ransomware group Genesis has published claims against five organizations on its dark web leak site, marking a significant burst of activity from this emerging threat actor. The newly listed targets span multiple sectors: Rain Makers Solutions, Van Atta Engineering, Prescott & Holden, The American Board of Preventiv...
The Lab · 2026-05-10 02:31:49 · Mastodon:mastodon.social:#ransomware
Wayne Brothers has been identified in a new posting on Leak Bazaar, a known ransomware leak site associated with data extortion operations. The appearance of an organization on such a platform typically signals that a ransomware group or affiliate is either threatening to release or has begun publishing allegedly stole...
The Lab · 2026-05-10 07:31:55 · Mastodon:mastodon.social:#infosec
The IncRansom ransomware operation has added two new entries to its dark web blog, listing sibillacapital.com and lopezlawfl.com as apparent targets. The postings, detected through threat intelligence monitoring channels, signal fresh activity from a group that has established itself in the ransomware ecosystem. The UR...
The Vault · 2026-05-10 11:01:40 · Mastodon:mastodon.social:#infosec
The ransomware actor known as "Qilin" has posted an unverified claim targeting Fogel Capital Management, according to threat intelligence circulating on dark web monitoring channels. The nature and extent of the alleged incident remain undisclosed, and the claim has not been independently confirmed. Security researcher...
The Lab · 2026-05-10 15:31:39 · Mastodon:mastodon.social:#infosec
The ransomware group Lapsus$ has published a new blog post identifying AXCERA.IO as a target, signaling potential exposure for the organization and drawing attention from cybersecurity researchers tracking the group's activities. The post appeared on the group's known communication channel and was quickly flagged by th...
The Lab · 2026-05-10 15:31:55 · Mastodon:mastodon.social:#ransomware
The LYNX ransomware operation has surfaced on dark web channels with claims of a successful breach targeting lifelongaccess[.]org, marking the organization's appearance on the group's victim list. The disclosure was flagged through threat intelligence monitoring channels, with the claim now circulating across OSINT and...
The Lab · 2026-05-11 14:40:30 · SecurityWeek RSS
Google's threat intelligence team has identified what appears to be the first documented zero-day exploit generated using artificial intelligence, a development that cybersecurity researchers are calling a potential inflection point in the evolution of cyber threat capabilities. The exploit was specifically engineered ...
The Vault · 2026-05-11 17:38:28 · Mastodon:mastodon.social:#osint
An OSINT investigation flagged a notable development in the ransomware ecosystem: the COINBASECARTEL threat actor listed Tab Service as a victim on their dark web leak site, according to monitoring reports shared via open source intelligence channels. The posting, flagged in the #osint community on Mastodon and tracked...
The Lab · 2026-05-11 17:48:26 · r/blueteamsec
Security researchers at Genians have identified a Python-based backdoor deployed as part of an AI-driven deepfake impersonation campaign, marking a notable convergence of social engineering tactics and commodity malware in targeted operations. The attack chain leverages synthetic media to impersonate trusted entities, ...
The Lab · 2026-05-11 19:18:21 · The Hacker News Echo RSS
Google has confirmed that an unidentified threat actor deployed a zero-day exploit in the wild that was likely developed using an artificial intelligence system—the first documented case of AI being weaponized for vulnerability discovery and exploit generation. The disclosure marks a significant escalation in the pract...
The Lab · 2026-05-11 20:18:26 · Techmeme Echo RSS
Google's Threat Intelligence Group (TIG) has reported that it likely disrupted an attempt to weaponize artificial intelligence for a mass exploitation event, marking a significant development in the evolving intersection of AI capabilities and cyber threat operations. The disclosure, contained in a report released by t...
The Lab · 2026-05-11 21:18:26 · Browser Cybersecurity Dive
Google Threat Intelligence Group (GTIG) has documented what researchers believe to be the first successful use of AI to develop a working zero-day exploit. The capability demonstration, outlined in a report released Monday, signals a potential inflection point in the scale and velocity of cyber threat operations. The t...
The Lab · 2026-05-12 08:48:25 · Mastodon:hachyderm.io:#cybersecurity
Google's cybersecurity researchers have flagged what appears to be the first zero-day exploit credibly attributed to AI-generated code, raising fresh concerns about the accelerating maturity of AI-driven offensive operations. The exploit leveraged a semantic logic flaw in a web administration tool to circumvent two-fac...
The Lab · 2026-05-12 09:48:19 · r/artificial
Google has disrupted a cyberoperation in which threat actors deployed artificial intelligence to exploit an unknown weakness in a target company's digital defenses, marking what security analysts describe as a significant escalation in AI-enabled hacking.
The tech giant disclosed limited details about the specific att...
The Lab · 2026-05-12 20:18:38 · The Next Web
Google has identified what it believes is the first zero-day exploit developed using artificial intelligence. The discovery, made by Google's Threat Intelligence Group, marks a potential inflection point in the evolution of cyberthreat capabilities. The criminal threat actor behind the exploit intended to deploy it in ...
The Lab · 2026-05-13 12:48:27 · Mastodon:hachyderm.io:#privacy
A growing assumption in the cybersecurity industry holds that artificial intelligence primarily strengthens defensive capabilities—faster threat detection, automated incident response, smarter anomaly identification. Google researchers have now publicly challenged that premise, presenting evidence that AI is actively e...