As part of our ongoing series, we focus on the shared infrastructure that fuels threat actors; the intersection of mainstream social media, open-source messaging platforms, and gaming communities. The post Understanding Illicit Ecosystems: Weaponizing Mainstream Apps and Social Infrastructure appeared first on Flashpoint ... Read More

In this post, we explore XSS’ shift from a unified forum to a scattered community spread across several competing factions. The post Understanding Illicit Ecosystems: XSS and the Current State of the Russian-Speaking Underground appeared first on Flashpoint ... Read More

A monthly analysis of how artificial intelligence is used in illicit communities, based on Flashpoint proprietary intelligence and direct visibility into real threat actor environments. The post AI Threat Report: How Artificial Intelligence Is Used Across Illicit Communities appeared first on Flashpoint ... Read More

Flashpoint analysts, working with partner financial institutions, have observed a growing number of PhaaS operations operating with a level of coordination and specialization more commonly associated with legitimate software platforms. These ecosystems bring together phishing kit developers, infrastructure providers, spam delivery services, and financially motivated actors into a single, scalable ... Read More

How threat actors are executing tax refund fraud schemes, from sourcing identity data to bypassing verification and cashing out fraudulent returns, and what these patterns reveal about evolving fraud ecosystems. The post Tax Refund Fraud in 2026: How Threat Actors Exploit Identity, Verification, and Cash-Out Channels appeared first on Flashpoint ... Read More

Across multiple theaters, Iran-aligned groups are using similar language, emphasizing shared objectives, and in some cases pointing to an expanded target set that reaches beyond their traditional operating areas. Taken together, this messaging suggests continued alignment across militant networks and a heightened likelihood of retaliatory or opportunistic activity targeting US ... Read More

On February 28, the United States and Israel launched coordinated strikes across Iran under Operation Epic Fury (also referenced in reporting as Operation Lion’s Roar). The post Escalation in the Middle East: Tracking “Operation Epic Fury” Across Military and Cyber Domains appeared first on Flashpoint ... Read More

Infostealers continue to dominate the initial access landscape in 2026, lowering the barrier to breach through scalable credential theft. DarkCloud illustrates how low-cost, commercialized malware is reshaping the initial access landscape. The post Understanding the DarkCloud Infostealer appeared first on Flashpoint ... Read More

In this post we analyze the multi-vector threat landscape of the 2026 Winter Olympics, examining how the Games’ dispersed geographic footprint and high digital complexity create unique potential for cyber sabotage and physical disruptions. The post Cyber and Physical Risks Targeting the 2026 Winter Olympics appeared first on Flashpoint ... Read More

This threat assessment analyzes potential physical and cyber threats to Super Bowl LIX. The post Protecting the Big Game: A Threat Assessment for Super Bowl LX appeared first on Flashpoint ... Read More