CSE Connect
CTI Feed & Crime Pressure GaugeThreat Intelligence Feed
A carefully curated feed of current cyber threats drawn from 30 qualified sources selected for provenance, currency, and editorial independence. No commercial interests. No vendor bias. Designed to provide accurate, timely, and trusted threat intelligence to practitioners, policymakers, and organisations seeking an honest picture of today's threat landscape.
Threat pulse radar
Each dot is a live reported incident — position shows category and recency
Incidents close to the centre are from the last 24 hours. Those near the outer edge are up to 7 days old. Watch for clusters building in any category — that is pressure accumulating.
Estimated annual cost of cybercrime — rolling 12 months, including unreported incidents (×7 dark figure multiplier)
Rising to $19.7 trillion a year by 2030 —
The most expensive Olympics ever cost roughly $50 billion. $12 trillion could fund 240 Olympic Games simultaneously.
Category pressure
Five arcs, one per threat category. Each arc fills according to how severe that category's stories have been over the last seven days — the average significance score of its published items, not a count of headlines. The busiest category shows a full arc; the rest are scaled against it. Because it's an average, one severe story can out-pressure twenty medium ones — and a full arc in a quiet week looks identical to a full arc in a chaotic one: this dial shows the shape of the week's pressure, not its absolute size. The centre number is the overall pressure index: green below 40, amber to 65, red above.
Today's top signal
Representative of the dominant threat activity observed across our source network in the last 24 hours.
Ransomware attack: Southport Outdoor Living
via ransomware live
This threat actor is not yet widely documented in open source intelligence. Activity is being tracked across multiple incident reports.
This attack on a consumer services organisation in the United Kingdom follows a pattern of dragonforce activity against consumer services targets.
Estimated fully-absorbed economic impact: $6M (actor average).
The Widening Gap: Cybercrime Cost vs Global Economic Growth
Threat Intelligence Feed
We organise threat intelligence into five categories that reflect how the modern threat landscape actually operates — from the criminal economy driving ransomware and fraud, to nation state operations, evolving attacker behaviours, sector-specific attack waves, and the highest-severity vulnerabilities under active exploitation. Each category tab contains a short description. Together they give a structured, practitioner-grade view of where pressure is building and why.
Share & Subscribe
Email Digest
Receive alerts when significant cyber threats are detected.
RSS Feed
Subscribe via RSS for the latest 50 published items.
/api/feed.rssComing soon in a future release.
Embed Widget
Add the CTI feed to your website. No cookies, no tracking.
<script src="https://ctifeed.cseconnect.org/widget.js"
data-theme="dark" data-items="3">
</script>About This Dashboard
Provenance
This dashboard is maintained by CSE Connect, an independent cyber security education initiative. It aggregates open-source cyber threat intelligence from 30 curated sources, applies a transparent scoring methodology, and publishes a feed of editorially significant events.
All data is sourced from publicly available threat intelligence feeds. No classified or restricted information is used. The project is open source and the methodology is fully documented.
Methodology
Annual cost anchors: The counter shows the current annual run-rate of global cybercrime cost, anchored to the Proxyrack Global Cybercrime Report 2026: $11.88 trillion per year at the start of 2026, projected to reach $19.71 trillion per year by 2030 (~13% compound annual growth). We interpolate linearly between those two published anchors.
Absorbed cost (x3): Direct losses are multiplied by 3 to capture remediation, legal, regulatory, and reputational costs — the fully-absorbed economic impact.
Under-reporting factor (x7): Intelligence estimates suggest reported cybercrime captures only ~1/7th of actual losses. The “true impact” figure accounts for unreported incidents.
Scoring model: Items are scored across five dimensions: source tier, threat category, economic signal, recency, and signal amplifiers. Items scoring 55+ are auto-published; 35-54 are held for editorial review; below 35 are discarded.
Data Sources
Tier 1 — Primary Sources
Tier 2 — Enrichment Sources
⚑ Securelist items carry a provenance flag due to Russian jurisdiction.
CSE Connect. Cyber Threat Intelligence Feed & Crime Pressure Gauge. Open source. Built for students, academics, policy makers, and practitioners.