The Flashpoint 2025 Global Threat Intelligence Report provides insights into the evolving cyber threat landscape, highlighting key threats such as infostealers and the influence of geopolitical tensions. It offers detailed analysis of adversary tactics, including ransomware-as-a-service, and presents actionable intelligence to enhance security resilience and risk mitigation.

Google’s Threat Intelligence Group is tracking a financially motivated threat cluster, UNC6040, which employs voice phishing to compromise Salesforce environments and exfiltrate data. Following these intrusions, they engage in extortion tactics, often posing as the group ShinyHunters and pressuring victims for payment in bitcoin. The growing sophistication of these tactics highlights the vulnerabilities in organizational defenses, particularly targeting IT personnel for initial access.

Primary Source Collection (PSC) enhances threat intelligence by providing actionable insights that static feeds cannot deliver. The article explores PSC's definition, real-world applications in various sectors, and offers a framework for evaluating vendors' collection capabilities.

CRADLE is an open-source web application designed for Cyber Threat Intelligence analysts, facilitating collaborative threat analysis through features like note-taking, relationship mapping, and report generation. The platform is built with a modular architecture, incorporating a Django backend and an Electron/React frontend, and is accessible via Docker. Contributions are encouraged from the security community to enhance the project.