Illicit communities
Identity Is the New Attack Surface: How Infostealers Are Reshaping Enterprise Risk
Our essential new guide helps IT, Threat Intelligence, Fraud, and HUNT teams understand how infostealers operate, how stolen identity data fuels real-world attacks, and how organizations can move from reactive response to ...
Understanding Illicit Ecosystems: Weaponizing Mainstream Apps and Social Infrastructure
As part of our ongoing series, we focus on the shared infrastructure that fuels threat actors; the intersection of mainstream social media, open-source messaging platforms, and gaming communities. The post Understanding Illicit ...
Understanding Illicit Ecosystems: XSS and the Current State of the Russian-Speaking Underground
In this post, we explore XSS’ shift from a unified forum to a scattered community spread across several competing factions. The post Understanding Illicit Ecosystems: XSS and the Current State of the ...
The Mini Shai-Hulud Worm and the New Era of CI/CD Exploitation
In this post we break down the technical mechanics of TeamPCP’s recent campaign, the impact on the developer ecosystem, and the urgent steps needed to secure software supply chains. The post The ...
Navigating 2026’s Converged Threats: Insights from Flashpoint’s Global Threat Intelligence Report
In this post, we preview the critical findings of the 2026 Global Threat Intelligence Report, highlighting how the collapse of traditional security silos and the rise of autonomous, machine-speed attacks are forcing ...
How China’s “Walled Garden” is Redefining the Cyber Threat Landscape
In our latest webinar, Flashpoint unpacks the architecture of Chinese threat actor cyber ecosytem—a parallel offensive stack fueled by government mandates and commercialized hacker-for-hire industry. The post How China’s “Walled Garden” is ...
Qakbot Takedown: A Brief Victory in the Fight Against Resilient Malware
Prior botnet takedowns like Emotet and TrickBot have shown that sophisticated malware operations, like Qakbot, can often rebuild infrastructure and return from disruptions in new forms The post Qakbot Takedown: A Brief ...
Lost in Transition: A Timeline of Failed Successors to Breach and Raid Forums
The legacy of Raid, Breach, and their 'successors' provides an important lens into how data breach communities function and the real-life implications of the information they traffic The post Lost in Transition: ...
Lessons From Clop: Combating Ransomware and Cyber Extortion Events
Recent attacks from Clop emphasize the importance of implementing an organization-wide ransomware and cyber extortion strategy, from preparedness to detection and isolation The post Lessons From Clop: Combating Ransomware and Cyber Extortion ...
Killnet: Inside the World’s Most Prominent Pro-Kremlin Hacktivist Collective
Well-known pro-Kremlin hactivist group Killnet has been noted for its level of activity and ambition, especially since the outbreak of the Russia-Ukraine war. The post Killnet: Inside the World’s Most Prominent Pro-Kremlin ...
