π’ New #Insomnia ransomware gang.
β’οΈ Active since October 2025, 17 victims published on their data leak site.
ππΌ Onion link and TOX ID already available on #deepdarkCTI github.com/fastfire/dee...
07.02.2026 21:38 β π 0 π 1 π¬ 0 π 0
π How is the ransomware gang landscape evolving after the #RAMP forum seizure?
π΄ Another well-known forum seems to be becoming a point of reference in this field.
ππΌ We discuss it in the article you can read at this link www.neteye-blog.com/2026/02/from...
04.02.2026 10:53 β π 1 π 2 π¬ 0 π 0
With 2025 now behind us, we can make some observations regarding the landscape of double-extortion #ransomware #attacks.
β Which ransomware gangs were the most active?
β Which sectors and countries were most affected?
ππ» Read the full article here www.neteye-blog.com/2026/01/rans...
02.01.2026 13:57 β π 1 π 1 π¬ 0 π 0
π’ Recap of what happened in #deepdarkCTI in 2025:
β
586 commits
β
35 contributors
β
6,400 stars on GitHub
β
8 articles on www.deepdarkcti.com
β
129 active users within the Telegram channel
β
a total of 2,465 sources
π Many thanks to the #deepdarkCTI community!
31.12.2025 13:08 β π 3 π 0 π¬ 0 π 0
A new interview is available on the #deepdarkCTI project blog. This time, the interview concerns the #Benzona ransomware gang.
π You can read the full interview here deepdarkcti.com/interview-8-...
23.12.2025 23:48 β π 0 π 0 π¬ 0 π 0
@ichinin.bsky.social I don't think you read the article carefully; perhaps you just looked at the image. The indicators provided are always contextualized within an analysis ticket. So, yes, it's intelligence.
06.11.2025 12:12 β π 0 π 0 π¬ 1 π 0
π΄The problem of properly integrating #Threat #Intelligence into #Security #Operations processes is a recurring one.
π I wrote an article in which I described the integration process we have implemented.
ππ» Read the article here www.neteye-blog.com/2025/11/embe...
05.11.2025 23:28 β π 0 π 0 π¬ 1 π 0
#Ransomware π£ NEW FEATURE
La nuova sezione RF Domain Monitor permette il monitoraggio costante dei domini sotto controllo #Ransomfeed e di deepdarkCTI project (@fastfire.bsky.social), alla ricerca di variazioni DNS e law enforcement.
1/2
22.10.2025 10:15 β π 2 π 1 π¬ 1 π 0
π’ We interviewed Gabi, a member of the #Cyber ββ#Toufan group. This group, active since October 2024, has carried out several attacks against #Israeli targets.
The full interview is available at the link deepdarkcti.com/interview-7-...
03.09.2025 20:03 β π 1 π 0 π¬ 0 π 0
π’ At deepdarkcti.com/details-of-t..., you can find a detailed timeline of the main events related to the alleged seizure of the #XSS forum.
β° The timeline is constantly updated, taking into account relevant events that are also occurring in recent days.
#deepdarkCTI
05.08.2025 21:11 β π 1 π 0 π¬ 0 π 0
π’ A new interview is available on the #deepdarkCTI website. This time, community member #Erez interviewed the founder of the #Devman ransomware gang.
ππ» You can read the full interview at this link deepdarkcti.com/interview-6-...
15.07.2025 08:36 β π 1 π 0 π¬ 0 π 0
Loading...
π’ New Critical Vulnerabilities Disclosed for Citrix Netscaler support.citrix.com/support-home...
17.06.2025 18:49 β π 1 π 0 π¬ 0 π 0
We interviewed #Se7en, the founder of #Exodus #Market, a platform for selling #infostealers #logs.
Read the full interview here deepdarkcti.com/interview-5-...
10.06.2025 19:34 β π 0 π 1 π¬ 0 π 0
New ransomware gang #RunSomeWares DLS. 4 victims claimed. Already indexed on #deepdarkCTI
27.02.2025 15:40 β π 3 π 0 π¬ 0 π 0
New ransomware gang #Anubis DLS. Already indexed on #deepdarkCTI
24.02.2025 23:00 β π 0 π 0 π¬ 0 π 0
βοΈ New data leak site: #Kraken ransomware gang. The gang seems to be simply a rebrand of #HelloKitty, as of the 5 victim organizations already declared, 2 (Cisco and CDProject) had already been previously declared.
π― The DLS link has already been added to #deepdarkCTI (github.com/fastfire/dee...).
09.02.2025 08:40 β π 3 π 0 π¬ 0 π 0
Some updates regarding the #Gravy #Analytics data breach. I analyzed part of the data shared by TA #nightly on #XSS forum. Some of the numbers involved:
13473 applications
396115 ip
3317 organizations
43586 locations
11 countries
330543 partners email accounts
08.01.2025 23:38 β π 1 π 0 π¬ 0 π 0
Happy Holidays to the amazing #deepdarkCTI community! Our project has reached 4600 stars this year, since the beginning of the project we have had 93 contributors, in the private Telegram channel there are about 100 users, we have counted over 1900 sources! Thank you all so much!
23.12.2024 11:49 β π 2 π 0 π¬ 1 π 0
When you work together with friends, everything is easier! #CyberSec #ThreatIntelligence
10.12.2024 20:55 β π 1 π 0 π¬ 0 π 0
Great list @oxley.io! If you would consider adding my account... thanks!
10.12.2024 20:50 β π 0 π 0 π¬ 0 π 0
Yet an other Ransomware gang tracker - Opensource project: https://github.com/RansomLook/RansomLook - Website: https://www.ransomlook.io
Cybersecurity Specialist, Public Speaker, Ex-Hacker.
https://marcushutchins.com
Founder of Granitt, securing journalists and at-risk people around the world.
Chasing digital badness. Senior Researcher at Citizen Lab, but words here are mine.
loves dogs, sports, memes. she/her. podcaster. "bluesky's humblest resident nailfluencer π
" - Jerry
my heart is in the west π΅π views mine.
cybersecurity weather man. scanning the horizons for cloudy cyber. Expert at nothing except computer rubbish. Anti-ransomware since 2015.
Ramblings of a Mad Englishman: Hacker @ BBC's Real Hustle & Mr Robot. Head of Sec @ DEF CON. Founder @ CTI-League, Ransomware Taskforce, w00w00, CDC NSF, (He/Him).
Also
Twitter @marcwrogers
Mastodon cj@chaos.social
Mandiant Intelligence at Google. CYBERWARCON and SLEUTHCON founder. Johns Hopkins professor. Army vet.
Cyber-warfare | PhD from KCL | Author of 'Offensive Cyber Operations' | Security @ Meta
senior researcher at @citizenlab.ca
Recorded Future - Ransomware Researcher
Owner @greenarcher.io - Yours Truly, Johnny Dollar | The Press Guardian | The Clock | The Green Archer
Weird mix of security, comics, photography and wine!
www.greenarcher.io
Executive Director for Intelligence and Security Research @ SentinelOne.
Distinguished Fellow and Adj Professor @ Hopkins SAIS Alperovitch Institute. Three Buddy Problem Co-Host. LABScon Founder, Cyber Paleontologist, Fourth-Party Collector.
Fmr. NSC Director, Intelligence. Director, Threat Disruption @ Meta. Rescue Dog Pilot, Flight Instructor, Former Big Hair Practitioner π³οΈβπ
Threat Intel / CTI / OT / ICS / Critical Infra stuff along with other things. I genuinely care, and wish others did too.
Website: pylos.co
Training/Consulting: paralus.co
Aussie security / tech guy.
Google Threat Intelligence. Co-founder Threat Analysis Group (TAG). Tweets are my own not my employers.
You may know me from your server logs.
#Malware, Hacks, Internet Scanning, #CTI
π¬π§ | Senior Threat Intelligence Advisor at Team Cymru | Co-author SANS FOR589 | Co-founder Curated Intel
Former intel, now academic @NDU_CIC, @TheKrulakCenter, @SIWPSColumbia @ColumbiaSIPA, @CyberStatecraft, @ElliottSchoolGW, @PAISWarwick. Apolitical, views=own
Distinguished Threat Researcher, Research Lead @SentinelOne.
Advisor with @ValidinLLC.
https://tomhegel.com/blog.html
