CSE Connect

Threat Intelligence Feed

A carefully curated feed of current cyber threats drawn from 30 qualified sources selected for provenance, currency, and editorial independence. No commercial interests. No vendor bias. Designed to provide accurate, timely, and trusted threat intelligence to practitioners, policymakers, and organisations seeking an honest picture of today's threat landscape.

1d3d5d7dCRIMINALNATION STATEBEHAVIOURALVERTICALTIER 1 CVE

Threat pulse radar

Each dot is a live reported incident — position shows category and recency

Incidents close to the centre are from the last 24 hours. Those near the outer edge are up to 7 days old. Watch for clusters building in any category — that is pressure accumulating.

Estimated annual cost of cybercrime — rolling 12 months, including unreported incidents (×7 dark figure multiplier)

$0

Rising to $19.7 trillion a year by 2030 —

The most expensive Olympics ever cost roughly $50 billion. $12 trillion could fund 240 Olympic Games simultaneously.

CRIMINALNATION STATEBEHAVIOURALVERTICALTIER 1 CVE
--pressure

Category pressure

Five arcs, one per threat category. Each arc fills according to how severe that category's stories have been over the last seven days — the average significance score of its published items, not a count of headlines. The busiest category shows a full arc; the rest are scaled against it. Because it's an average, one severe story can out-pressure twenty medium ones — and a full arc in a quiet week looks identical to a full arc in a chaotic one: this dial shows the shape of the week's pressure, not its absolute size. The centre number is the overall pressure index: green below 40, amber to 65, red above.

Today's top signal

Representative of the dominant threat activity observed across our source network in the last 24 hours.

Ransomware attack: Southport Outdoor Living

via ransomware live

This threat actor is not yet widely documented in open source intelligence. Activity is being tracked across multiple incident reports.

This attack on a consumer services organisation in the United Kingdom follows a pattern of dragonforce activity against consumer services targets.

Estimated fully-absorbed economic impact: $6M (actor average).

The Widening Gap: Cybercrime Cost vs Global Economic Growth

Threat Intelligence Feed

We organise threat intelligence into five categories that reflect how the modern threat landscape actually operates — from the criminal economy driving ransomware and fraud, to nation state operations, evolving attacker behaviours, sector-specific attack waves, and the highest-severity vulnerabilities under active exploitation. Each category tab contains a short description. Together they give a structured, practitioner-grade view of where pressure is building and why.

Share & Subscribe

Email Digest

Receive alerts when significant cyber threats are detected.

RSS Feed

Subscribe via RSS for the latest 50 published items.

/api/feed.rss

Coming soon in a future release.

Embed Widget

Add the CTI feed to your website. No cookies, no tracking.

<script src="https://ctifeed.cseconnect.org/widget.js"
        data-theme="dark" data-items="3">
</script>

About This Dashboard

Provenance

This dashboard is maintained by CSE Connect, an independent cyber security education initiative. It aggregates open-source cyber threat intelligence from 30 curated sources, applies a transparent scoring methodology, and publishes a feed of editorially significant events.

All data is sourced from publicly available threat intelligence feeds. No classified or restricted information is used. The project is open source and the methodology is fully documented.

Methodology

Annual cost anchors: The counter shows the current annual run-rate of global cybercrime cost, anchored to the Proxyrack Global Cybercrime Report 2026: $11.88 trillion per year at the start of 2026, projected to reach $19.71 trillion per year by 2030 (~13% compound annual growth). We interpolate linearly between those two published anchors.

Absorbed cost (x3): Direct losses are multiplied by 3 to capture remediation, legal, regulatory, and reputational costs — the fully-absorbed economic impact.

Under-reporting factor (x7): Intelligence estimates suggest reported cybercrime captures only ~1/7th of actual losses. The “true impact” figure accounts for unreported incidents.

Scoring model: Items are scored across five dimensions: source tier, threat category, economic signal, recency, and signal amplifiers. Items scoring 55+ are auto-published; 35-54 are held for editorial review; below 35 are discarded.

Data Sources

Tier 1 — Primary Sources

RansomLook.ioRansomware.liveKrebs on SecurityThe DFIR ReportObjective-SeeIntrusion TruthVX-UndergroundNCSC UKCISA KEVTelegram: @ransomwarenewsTelegram: @darkwebinformerTelegram: @soc_pr

Tier 2 — Enrichment Sources

Recorded FutureSOCRadarCybleMicrosoft Security BlogSentinelOne LabsGoogle TAGMandiantFlare.ioKela GroupRed CanaryGoogle Project ZeroSecurelist by Kaspersky ⚑Bleeping ComputerCISA AdvisoriesMalwarebytes Labs

⚑ Securelist items carry a provenance flag due to Russian jurisdiction.

CSE Connect. Cyber Threat Intelligence Feed & Crime Pressure Gauge. Open source. Built for students, academics, policy makers, and practitioners.