Intel Chain
On the 10-year anniversary of the Panama Papers, journalists and a Nobel-wining economist share their recollections of how the story unfolded, and how the investigation still resonates today. Source: ICIJ
Evidence Chain (11 linked intel)
Stolen credentials remain a top breach vector, often leading to unchecked privilege escalation. Specops explains how identity-first Zero Trust limits access, enforces device trust, and blocks lateral movement. [...] Source: BleepingComputer
The Lebanese government go into peace talks with limited influence over the group. Source: BBC News
A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors. Source: Krebs on Security
The halt to weeks of fighting is being celebrated in Lebanon, but it will be difficult to ensure it lasts. Source: BBC News
Envoys from EU member states have finally paved the way for a €90 billion loan to Ukraine that had long been blocked by Hungary. They also approved a 20th package of sanctions on Russia over its invasion of its neighbor. Source: World | Deutsche Welle
An analysis of the destructive malware reveals sophisticated living-off-the-land (LotL) techniques and detailed strategies for the widespread deletion of data. Source: darkreading
UN chief says US-Iran standoff in the Strait of Hormuz risks triggering a global food emergency. Source: Al Jazeera – Breaking News, World News and Video from Al Jazeera
Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. "Based on current evidence, we believe this data originated from Checkmarx's GitHub repository, and that access to that repository was facilitated through the initial supply chain attack of March 23, 2026, Source: The Hacker News
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). "The malware disguises itself as a Minecraft hack called 'Slinky,'" Brazil-based cybersecurity company ZenoX said in a technical report. "It uses the official game icon to induce voluntary execution, Source: The Hacker News
Video released by Ukraine’s Third Army Corps shows a four-hour rescue in Lyman, where a 77-year-old woman was saved by an autonomous vehicle after being spotted by drone pilots. The ground drone carried a blanket and a note reading: “Grandma, sit down!” Source: News | Euronews RSS
Raw threat intel isn't enough without real-world context. Criminal IP has partnered with Securonix to integrate exposure-based intelligence into ThreatQ, automating analysis and speeding up investigations. [...] Source: BleepingComputer
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026. The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated attacker Source: The Hacker News
Israel and Hezbollah have continued to trade fire despite a ceasefire deal being announced last month. Source: BBC News
I had read countless legal documents about the world's bestselling drug. But it took a trip to Latin America to see how scarcity shapes life and death decisions. Source: ICIJ
A quagmire in Iran, sky-high oil prices and shrinking support at home: when US President Donald Trump belatedly travels to China this week, his position has weakened. Still, he is hoping for any deal. Nervous Europeans are watching. Source: News | Euronews RSS
Following a withdrawal from the Sahel region, France is seeking to expand its geostrategic influence in Africa by seeking new allies. The first Africa Summit in Kenya is intended to mark a fresh start. Source: World | Deutsche Welle
Tehran threatened to enrich uranium to weapons-grade if attacked again, as Trump said the ceasefire had a "one percent chance" of surviving after rejecting Tehran's proposal. Source: News | Euronews RSS
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks. Source: darkreading
I had read countless legal documents about the world's bestselling drug. But it took a trip to Latin America to see how scarcity shapes life and death decisions. Source: ICIJ
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at an estimated negative seven days. The Verizon 2025 DBIR puts median time to remediate edge device vulnerabilities at 32 days. These numbers have understandably driven the industry toward a clear Source: The Hacker News
New Delhi is proud of its carefully balanced ties with rival nations in the Middle East. But this diplomatic strategy might be reaching its breaking point. Source: World | Deutsche Welle
Have related intel?
Corroborate, contradict, or expand this intelligence chain.