SANS DFIR @sansforensics ·
What is changing in the threat landscape this year? Hear how attacker behavior is shifting and what trends teams should be paying attention to. Join us May 21 | 1 PM EST: buff.ly/etizrzD #CTI #ThreatIntel #DFIR
TechNadu @TechNadu ·
🚨 Iran-linked group leaks FBI Director’s personal email data. No classified info exposed - but message is clear. Personal accounts = attack surface. 💬 Should officials face stricter cyber rules? 🔔 Follow @TechNadu #CyberSecurity #Infosec #ThreatIntel
Noctua @Noctuaedu ·
Replying to @Noctuaedu
3/8 🎯 For attackers, it's an #OSINT gold mine. No more tedious scraping: the WHOIS database becomes a certified, free and up-to-date directory for precisely identifying your administrators and legal representatives (MITRE ATT&CK T1589). #ThreatIntel
EclipseIntel @EclipseIntelCo ·
🚨 Ransomware Alert: 🌍 A A Al Moosa Enterprises (ARENCO Group) (AE) hit by payload. 🔎 Key Details: 👤 Victim: A A Al Moosa Enterprises (ARENCO Group) 🌍 Country: AE 🦹 Threat Actor: payload 📅 Reported on: Mar 28, 2026 #Ransomware #ThreatIntel #CyberSecurity #payload
Wasteland @wastelandweekly ·
European Commission AWS account breached — 350GB stolen including employee data and email server access. Attacker plans public leak, not extortion. Second EU exec breach in 2 months: wasteland.me/intel/european… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: European Commission — AWS Account Breach Exposes 350GB of EU Executive Data, Attacker Plans Public Leak

From wasteland.me
LeanSecurity @LeanSecAU ·
Threat briefing: Australia's cyber landscape is escalating. We are tracking a 141GB FinTech cloud breach, govt AI data leaks, and active exploitation of a CVSS 10.0 API flaw. Get the latest insights below: Read more: leansecurity.com.au/blog/2026/3/28… #CyberSecurity #ThreatIntel #AusCyber
Australian Cyber Threat Briefing 2026: AI Risks, Ransomware & New Regulations | Lean Security

Expert insights on the Australian cyber threat landscape, covering ransomware in healthcare, AI risks, cloud misconfigurations, and the Cyber Security Act 2026.

From leansecurity.com.au
Wasteland @wastelandweekly ·
Goodwill Industries hit by Interlock ransomware — 80GB stolen, stores forced cash-only across multiple regions. Federated nonprofit model left no unified defense. Full breakdown: wasteland.me/intel/goodwill… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: Goodwill Industries — Interlock Ransomware Hits Nonprofit Chain, 80GB Stolen, Stores Forced Cash-Only

From wasteland.me
Wasteland @wastelandweekly ·
Nova Scotia Power breach confirmed — 900K customers exposed in 2025 attack. Canada's privacy commissioner mandating security overhaul. Nearly an entire province's utility data at risk: wasteland.me/intel/ns-power… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: Nova Scotia Power — Cyberattack Exposed 900,000 Utility Customers, Privacy Commissioner Forces Security Reform

From wasteland.me
Wasteland @wastelandweekly ·
AFC Ajax hacked — API flaws exposed 300K fan accounts, enabled hijack of 42,000 season tickets. VIP ticket reassigned in seconds. Full breakdown — how it worked, what to fix: wasteland.me/intel/ajax-fc-… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: AFC Ajax — API Flaws Exposed 300,000 Accounts and Enabled Hijack of 42,000 Season Tickets

From wasteland.me
Wasteland @wastelandweekly ·
Iran-linked Handala breached FBI Director Kash Patel's personal Gmail. Emails cryptographically verified authentic. $10M reward issued. Full breakdown — how it happened, what to lock down: wasteland.me/intel/handala-… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: Kash Patel — Iranian State-Linked Handala Breaches FBI Director's Personal Gmail, Publishes Authenticated Documents

From wasteland.me
Wasteland @wastelandweekly ·
Navia Benefit Solutions breached — 2.7M records exposed including SSNs, health plan data, COBRA enrollment. 24-day silent access over Christmas. Full breakdown: wasteland.me/intel/navia-be… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: Navia Benefit Solutions — 24-Day Silent Breach Exposes 2.7 Million Benefits Records Including SSNs and Health Data

From wasteland.me
Wasteland @wastelandweekly ·
Ransomware hit Viva Ticket — disrupting 3,500 venues including the Louvre. One vendor, thousands of victims. Full breakdown — attack chain, what was taken, what to audit: wasteland.me/intel/viva-tic… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: Viva Ticket — Ransomware Hits Ticketing Platform Serving the Louvre and 3,500 Cultural Venues

From wasteland.me
Wasteland @wastelandweekly ·
Esprinet breached by ALP-001 ransomware. 1.2TB stolen from €4B EU IT distributor — 40,000 reseller customers at risk. 9-day leak countdown active. Full breakdown: wasteland.me/intel/esprinet… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: Esprinet — ALP-001 Ransomware Claims 1.2TB Breach of €4B European IT Distributor

From wasteland.me
Wasteland @wastelandweekly ·
NZ healthcare provider IntraCare breached — IT systems offline, 28 surgeries deferred, patient records at risk. Full breakdown — attack chain, what was taken, what to audit: wasteland.me/intel/intracar… #CyberSecurity #ThreatIntel
Threat intelligence analysis: Intel Brief: IntraCare — Healthcare Cyberattack Takes Systems Offline, 28 Surgeries Deferred

From wasteland.me
Proven Data @Proven_Data ·
#Qilin operators abuse legitimate admin tools, BYOVD driver loading, and stolen credentials to blend into normal IT activity. Your strongest detection signals: anomalous VPN/RDP logins + rapid cross-system authentication. Full breakdown: provendata.com/blog/qilin-ran… #ThreatIntel #SOC
Qilin Ransomware: Operating Model, Attack Chain, and Technical Profile

Qilin ransomware explained: RaaS model, attack chain, evasion tactics, and technical profile of this evolving double-extortion threat.

From provendata.com