Hi Everyone,

Next week, I’m heading to Lille for OSINT Day (April 1st) at the Forum InCyber! I’ll be speaking at 5 PM alongside an incredible lineup of experts, including Sylvain Hajri (Epieos), Chris Poulter (OSINT Combine), Micah Hoffman (My OSINT Training), and teams from Tadaweb and OSINT Industries - hope to see some of you there!

Cybersecurity News

  • Poland's Nuclear Research Centre Repels Cyberattack: The NCBJ successfully defended against a targeted attack, a notable escalation in strikes against critical scientific infrastructure on NATO's eastern flank. Find out more

Vulnerabilities & Exploits & Hacks

  • Companies House WebFiling Dashboard Suspended After Fraud Exposure: The UK's Companies House suspended its WebFiling dashboard after a serious flaw exposed corporate data to fraudsters. Find out more

  • FancyBear's OPSEC Failure Exposes Russian Espionage Operations: An exposed C2 server leaked 2,800 stolen government emails and 240 credentials, including 2FA secrets. The breach also revealed 140 silent forwarding rules targeting military entities across Ukraine and the Balkans. Find out more

Threat Hunting & Malware

  • Tycoon 2FA Dismantled - 330 Domains Seized. A joint operation by Proofpoint, Microsoft, and Europol seized 330 control panel domains linked to one of the most prolific AiTM phishing-as-a-service platforms. In February alone, over 3 million messages were tied to Tycoon campaigns and 59% of compromised accounts had MFA enabled at the time. Find out more

  • DarkSword iOS exploit kit: Google Threat Intelligence, iVerify, and Lookout have exposed DarkSword, a sophisticated hacking toolkit that weaponized six zero-day vulnerabilities to breach iPhones running iOS 18.4 through 18.7. Linked to suspected Russian actors and commercial spyware vendors, the kit delivers the GHOSTBLADE and GHOSTKNIFE implants via compromised websites to drain crypto wallets and exfiltrate private messages to dedicated "File Receiver" endpoints. While Google and Lookout tracked the kit's global footprint across Ukraine and the Middle East, iVerify confirmed its delivery through legitimate but hijacked domains, a sobering reminder that even fully updated devices were at risk until Apple’s recent emergency patches.

📰Reports

  • Meta’s Semiannual Adversarial Threat Report, First Half 2026. Read more

  • Measuring the Impact of Terrorism - Global Terrorism Index 2026 by the IEP Institute for Economics & Peace. Report.

Espionage & Counterintelligence

  • Russia's Centre 795 - Secret Unit for Foreign Assassinations and Abductions: The Insider and Der Spiegel expose a covert Russian unit established in December 2022, uncovered after an officer used Google Translate to communicate with a Serbian agent in the US. Find out more

  • Russia and Iran Recruiting Ordinary Europeans for Espionage: A Dutch counterintelligence official warns both states are increasingly targeting everyday citizens, not just insiders, for espionage and sabotage operations. Find out more

  • Vienna Re-emerges as Russia's European Intelligence Hub: With ~500 Russian diplomats still present, Vienna has become one of Moscow's primary intelligence staging grounds in Europe. Find out more

  • Iran Recruiting European Criminals via Telegram Bots: Iran is using Telegram bots to recruit European criminal networks for harassment, surveillance, and intimidation on European soil. Find out more

SOCMINT

  • Meta Kills Instagram DM Encryption: End-to-end encrypted messaging on Instagram will no longer be supported after May 8, 2026. Find out more

  • Russia's "Matryoshka": AI Deepfakes Built Around Epstein Files: This state-funded bot network weaponizes the Epstein files to flood X with AI-generated articles and deepfake videos framing US politicians.

  • Pixel Tracking: Meta & TikTok’s Data Grab. A new report by JScrambler reveals that Meta and TikTok’s tracking pixels are harvesting far more than just "clicks." These scripts are scraping sensitive data directly from payment pages, including the last four digits of credit cards, giving social media giants a backdoor into your private financial transactions.

Privacy

  • Built-in VPN coming to Firefox: Firefox 149, scheduled to be released next week, will ship with a free built-in VPN. The service will be available in the US, the UK, France, and Germany, and users will be limited to 50 GB of data.

AI

  • AI vs Dirty Money - OSINT for Illicit Financial Flows: How AI-powered open-source intelligence is being deployed in financial investigations to expose money laundering and sanctions evasion. Find out more

  • 'Claudy Day' - Trio of Flaws Exposes Claude Users to Data Theft: Researchers found a trio of vulnerabilities in Claude.ai, including "invisible" prompt injections and an API flaw that could leak user data. While Anthropic has patched the main injection risk, an open redirect remains a concern for potential phishing attacks. Find out more

OSINT Section

  • Reddit Sleuth Unmasks $2B "Dark Money" Network Behind Meta. An OSINT investigation has mapped how Meta allegedly weaponizes $2 billion in nonprofit grants and 45 front groups to push for invasive age verification laws. Using only public filings and grant databases, this deep dive exposes a masterclass in corporate "astroturfing" where multi-million dollar lobbying operations are disguised as grassroots movements. Read the breakdown

Tools

  • Intelligence Analyst's Playbook (SANS): SANS reference poster covering intelligence analysis workflows, structured analytic techniques, and source evaluation frameworks. Playbook.

  • Username Scanner: Streamlit-based tool for cross-platform username enumeration. Find out more

  • Ningbo Port - Flexport Atlas: Real-time container traffic visualisation for Ningbo, China - useful for maritime OSINT and supply chain monitoring.

Shadow Economy

  • Operation Skyframe: Iran’s Shadow Empire in Russia. An explosive investigation reveals a bizarre "triad" of Iranian intelligence operations on Russian soil: smuggling stolen Ukrainian grain, trading illegal arms, and, surprisingly, laundering profits through children's animated films. The investigation is in Russian.

    This infographic exposes a complex smuggling network where Iranian and Russian operatives coordinate the theft of Ukrainian grain to fund the IRGC, Hezbollah, and Houthi rebels.

  • The Polish CNC Pipeline to Russia: In a joint probe with Ukraine's Trap Aggressor, our team at FRONTSTORY.PL exposed how Polish-made CNC machines are still reaching the Russian arms industry. We identified 48 cases where Western technology bypassed sanctions via Turkish middlemen to fuel Russia’s military production. Read in Polish & in English.

Google Updates

  • Chrome Moves to a Two-Week Release Cycle. Starting September 2026, Chrome will ship a new stable version every two weeks instead of four. The faster cadence means smaller releases and quicker access to security fixes.

  • How to "Vibe Design" with Google Stitch

    Google Labs just supercharged Stitch, their free AI UI tool. With a new infinite canvas and instant prototyping, "vibe designing" high-fidelity apps is now effortless.

    The Workflow:

    • Prompt the Vibe: Go to stitch.withgoogle.com. Describe the "feeling" of your app or drop an inspiration screenshot to set the aesthetic.

    • Iterate via Voice: Pick a direction and refine it using natural language. Say "Dark mode" or "Show 3 nav layouts" to see instant variations.

    • Auto-Prototype: Click once to link screens. The AI generates logical flows as you click through the live preview.

    • Lock the System: Export your DESIGN.md file. It stores your fonts, colors, and rules, making your design system portable for any future project.

Upcoming CyberSec / OSINT Events

Free

Webinars

  • AI in Executive Protection & OSINT (Falkor): A deep dive into moving from raw OSINT data to protective action using AI. March 24 | Register here

  • How to Get Ahead in OSINT (Gisela Perez de Acha): 5 simple steps to mastering digital conflict research and disinformation analysis. March 24 | Register here

    • Note: I highly recommend this one! I met Gisela last year during the Digital Threats Training Course by GIJN - she is a remarkably skilled OSINT expert.

  • Europol: Launch of the European Centre Against Migrant Smuggling (ECAMS): Join the live press conference for the launch of Europol’s newest specialized center. March 24, 13:00

  • From Alias to Attribution (StealthMole): A case study on "Quessts," a cross-platform underground operator. Learn to map dark web patterns into structured attribution. March 25, 4:00 PM SGT | Register here

  • The Modern Money Trail - Featuring lead investigators from the International Consortium of Investigative Journalists (ICIJ) and data experts from OpenCorporates, we reveal the "bricks and mortar" reality of the global crypto economy. March 26 | Register here

  • Investigating Spyware & Stalkerware (DataExpert): Learn how stalkers leverage mobile spy apps to track victims and how to uncover them. March 26 | Register here

  • AI for Due Diligence in 2026: Master the latest AI workflows for background checks and corporate risk assessment. March 31 | Register here

On demand

  • Operationalizing Threat Intelligence (Recorded Future): Mastering the lifecycle of actionable intel. Watch here

  • The Crypto Detective Lunch. March 26, 2026 | Cost: $30 | Register here

  • SANS OSINT Summit Amsterdam (SANS OSINT Europe 2026) June 15–16 | Amsterdam + Online: Europe's inaugural OSINT Summit brings together top practitioners for two days of applied sessions and networking in Amsterdam. Have a breakthrough workflow, a cracked case, or a tool worth sharing? They're looking for practical talks on OSINT techniques & methodologies, AI in investigations, case studies (wins, failures, and lessons), tools & data exploitation, legal/ethical challenges, and OSINT in cyber threat intelligence. No fluff - deadline is March 30. Submit proposal.

Found this helpful? Forward it to someone who’d enjoy it.
