Recorded Future: Strengthen Your Defenses with Threat Intelligence
- Ghost-Tapping and the Chinese Cybercriminal Retail Fraud Ecosystem on January 21, 1970 at 7:32 am
Explore how Chinese-speaking cybercriminals use NFC relay fraud (“ghost-tapping”) to exploit mobile wallets, conduct retail fraud, and launder funds via Telegram.
- Intelligence-Driven Defense: Four Critical Ransomware Trends Organizations Must Address on January 21, 1970 at 7:27 am
Discover four critical ransomware trends—from AI-driven phishing to supply chain exploits—and how cyber threat intelligence can counter them.
- Tracking Candiru’s DevilsTongue Spyware in Multiple Countries on January 21, 1970 at 7:19 am
Recorded Future’s Insikt Group uncovers active infrastructure linked to Candiru’s DevilsTongue spyware across multiple countries. Discover how this stealthy spyware targets high-value individuals and evades detection.
- Cloud Threat Hunting and Defense Landscape on January 21, 1970 at 7:17 am
Explore top cloud threats in 2025. Learn how attackers exploit misconfigurations, credentials, and native tools—and how to defend cloud environments.
- Enhanced Recorded Future Integrations Now Available for Google Security Operations on January 21, 1970 at 7:09 am
Discover powerful new updates to Recorded Future’s Google Security Operations integrations, including expanded SOAR automation and a brand-new SIEM integration to elevate your threat intelligence and response.
- Why Patch Management Isn’t Enough: SharePoint, Webshells & the Modern Threat Landscape on January 21, 1970 at 7:07 am
SharePoint vulnerabilities and AI-discovered webshells expose how checkbox compliance fails against evolving threats. Learn why resilience—not just patching—is the new security imperative.
- ToolShell Exploit: Critical SharePoint Zero-Day Threatens Global Enterprises on January 21, 1970 at 7:00 am
A zero-day exploit chain—ToolShell—targets on-prem Microsoft SharePoint servers via CVE-2025-53770 & CVE-2025-53771. Learn how attackers achieve RCE, persist access post-patch, and how to defend using YARA rules, Nuclei templates, and Recorded Future’s threat intelligence.
- Inside DDoSia: NoName057(16)’s Pro-Russian DDoS Campaign Infrastructure on January 21, 1970 at 6:59 am
Discover how NoName057(16) targeted 3,700+ hosts across Europe using its DDoSia platform. This in-depth report reveals multi-tiered C2 infrastructure, attack patterns, and strategic geopolitical motivations behind the hacktivist-led campaign.
- Submarine Cable Security at Risk Amid Geopolitical Tensions & Limited Repair Capabilities on January 21, 1970 at 6:51 am
Explore the rising threats to global submarine cable networks amid escalating geopolitical tensions, sabotage incidents, and limited repair capacity. Discover essential resilience strategies and risk mitigation measures.
- Anthropic MCP Inspector: CVE-2025-49596: Vulnerability Disclosure on January 21, 1970 at 6:41 am
Learn about CVE-2025-49596, a critical missing authentication vulnerability affecting Anthropic’s MCP Inspector tool. Download our Nuclei template to check if your systems are vulnerable.
- US Extremists in 2025: Shift Toward Targeted Physical Threats on January 21, 1970 at 6:41 am
In 2025, US-based violent extremists are likely to favor targeted attacks over mass-casualty events. Explore threat forecasts, ideological trends, and countermeasures in this Insikt Group intelligence report.
- Understanding the Retaliation Window: Cybersecurity Risks and Response Timing on January 21, 1970 at 6:17 am
Dive into the concept of the “retaliation window”—how timing influences threat intelligence, risk management, and strategic decision-making in today’s cyber and business landscape.
- Analysis of TAG-140 Campaign and DRAT V2 Development Targeting Indian Government Organizations on January 21, 1970 at 6:11 am
Analysis of the TAG-140 cyber espionage campaign targeting Indian government organizations, focusing on the development and deployment of the modified DRAT V2 remote access trojan.
- Threats to the 2025 NATO Summit: Cyber, Influence, and Hybrid Risks on January 21, 1970 at 6:10 am
Explore how state-sponsored actors, cybercriminals, and hacktivists are targeting the 2025 NATO Summit. Insight from Recorded Future’s Insikt Group reveals escalating cyber, AI, and hybrid threats from Russia and China amid rising geopolitical tensions.
- Smarter Cybersecurity with IPv6: How Drip Architecture Defeats Spray-and-Pray Attacks on January 21, 1970 at 6:08 am
Explore how IPv6-first networks disrupt mass scanning tactics and enable stronger, AI-driven security through deceptive address space and Zero Trust principles.
- China’s PLA Leverages Generative AI for Military Intelligence: Insikt Group Report on January 21, 1970 at 6:08 am
Explore how China’s PLA is adopting generative AI for military intelligence. This Insikt Group report reveals AI-driven intelligence tools, strategic adaptations, and implications for global security.
- GrayAlpha Unmasked: New FIN7-Linked Infrastructure, PowerNet Loader, and Fake Update Attacks on January 21, 1970 at 6:02 am
Insikt Group exposes GrayAlpha’s evolving infrastructure and infection methods—including PowerNet and MaskBat loaders, fake 7-Zip sites, and the undocumented TAG-124 network—linking the group to FIN7’s advanced cybercriminal operations.
- Predator Spyware Resurgence: Insikt Group Exposes New Global Infrastructure on January 21, 1970 at 6:01 am
Despite sanctions and global scrutiny, Predator spyware operations persist. Insikt Group reveals new infrastructure links in Mozambique, Africa, and Europe, highlighting ongoing threats to civil society and political targets.
- Langflow: CVE-2025-3248: Active Exploitation on January 21, 1970 at 5:32 am
Learn about CVE-2025-3248 affecting Langflow. Patch now to prevent remote code execution.
- TAG-110 Targets Tajikistan: New Macro Word Documents Phishing Tactics on January 21, 1970 at 5:31 am
Russia-aligned TAG-110 shifts to .dotm phishing lures in a 2025 campaign against Tajikistan’s public sector, advancing cyber-espionage in Central Asia.