Skip to content
Signals
Monitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real timeMonitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real time
Dragons Community

Threat Intelligence Product

Announcements

Announcements cover platform updates, threat intelligence advisories and feature releases. Back to Threat Intelligence

Pinned

ProductPinnedMay 25, 2026

Dragons Community Threat Feed v2.0 launched

The threat intelligence feed now includes TLP classification, confidence scoring and MITRE ATT&CK mapping for all items. Feed filtering has been expanded with type, severity and TLP dimensions.

Threat IntelPinnedMay 24, 2026

Advisory: Increased VoidLock activity targeting healthcare

VoidLock Collective has intensified operations against healthcare organizations. Defensive teams should review VPN exposure, enforce MFA and verify backup integrity. All details reference mock threat data.

Advisory based on mock threat data. No real victim details included.

6 announcements

VulnerabilityMay 23, 2026

Vulnerability product area expanded

The vulnerability product now includes vendor and product catalogs, EPSS scoring overview, patch prioritization and export previews. Visit /vulnerabilities for the full product area.

RansomwareMay 22, 2026

New ransomware group tracking: ShadowVault RaaS

ShadowVault has been added to the ransomware group tracking database. The group operates a RaaS model targeting technology and cloud service providers. All data is fictional.

Fictional ransomware group. No real affiliate programs or victim data referenced.

PlatformMay 21, 2026

Platform maintenance window: 2026-05-28

Scheduled maintenance on 2026-05-28 from 02:00–04:00 UTC. Feed ingestion and alert delivery may be delayed during this window. No data loss is expected.

ResearchMay 20, 2026

Research: Ransomware affiliate model evolution

New research brief examines how ransomware affiliate models are evolving with lower barriers to entry and expanded targeting. Based on mock data patterns and publicly available research.

ProductMay 18, 2026

Dark web monitoring coverage expanded

Mock dark web monitoring now covers additional source types including paste sites and social bridge channels. Source reliability scoring has been refined.

VulnerabilityMay 17, 2026

Advisory: Fortinet VPN exploitation in access broker listings

Access broker listings referencing Fortinet SSL VPN session bypass have increased. Organizations using Fortinet VPN should verify patching for CVE-2026-20881. Mock advisory.

Mock advisory. No real access listings or broker details included.