Open Source Intelligence Archives

pac4j CVE-2026-29000: Sonatype Finds 18 Additional Packages

Sonatype Security Research Team | March 11, 2026 | Authentication, CVE, CVSS, framework, Java, Open Source Intelligence, Security Vulnerabilities, Sonatype Guide, Sonatype Lifecycle, vulnerability

A newly disclosed critical vulnerability in the widely used pac4j authentication framework is drawing attention across the open source community. Tracked as CVE-2026-29000, the flaw affects the pac4j-jwt library, which is commonly ...

2024 Sonatype Blog

Accelerate Secure Releases With Microsoft Copilot and Sonatype Guide

Aaron Linskens | February 26, 2026 | AI, Artificial Intelligence, dependencies, MCP, Microsoft, Model Context Protocol, Open Source Intelligence, Sonatype Guide

AI coding assistants, such as Microsoft Copilot, are fundamentally transforming the process of software development. Developers can generate scaffolding, draft functions, update dependencies, and even build full applications in seconds. The speed ...

2024 Sonatype Blog

Modern Vulnerability Management in the Age of AI

Aaron Linskens | February 25, 2026 | AI, Artificial Intelligence, open source, Open Source Intelligence, security, Security Vulnerabilities, Vulnerabilities

Vulnerability management today is not failing because teams stopped scanning. It's failing because the ground underneath it shifted. The approach we've relied on — complete advisory data, upstream fixes on demand, and ...

2024 Sonatype Blog

The Human Element: Turning Threat Actor OPSEC Fails into Investigative Breakthroughs

Flashpoint | February 13, 2026 | cyber threat intelligence, FEATURED, Open Source Intelligence, opsec, threat actor, Webinar

In this post, we explore how the psychological traps of operational security can unmask even the most sophisticated actors. The post The Human Element: Turning Threat Actor OPSEC Fails into Investigative Breakthroughs ...

Threat Intelligence Blog | Flashpoint

The Great Shift: Cybersecurity Predictions for 2026 and the New Era of Threat Intelligence

Mitchell Johnson | January 30, 2026 | AI, Artificial Intelligence, Business, Cybersecurity, Industry commentary, industry guidelines, News and Views, Open Source Intelligence, Threat

As we look back on 2025, AI and open source have fundamentally changed how software is built. Generative AI, automated pipelines, and ubiquitous open source have dramatically increased developer velocity and expanded ...

2024 Sonatype Blog

AI Is Hard Work

Mitchell Johnson | January 16, 2026 | AI, Artificial Intelligence, generative AI, Open Source Intelligence, scale, sonatype intelligence

"Opportunity is missed by most people because it is dressed in overalls and looks like work."— Thomas A. Edison ...

2024 Sonatype Blog

Why Natural Language Processing Is Crucial for Open-Source Intelligence Analysts

Flashpoint Team | February 27, 2023 | cyber threat intelligence, Open Source Intelligence, OSINT, Threat Intelligence

As the volume of data continues to grow, it's important to have tools that can help derive meaningful insights from this data. Natural language processing (NLP) is one such tool that's becoming ...

Threat Intelligence Blog | Flashpoint

OSINT APIs for Mere Mortals

Matt Edmondson | January 31, 2023 | cyber threat intelligence, Open Source Intelligence, Open Source Security, OSINT, research

When it comes to OSINT research, APIs can be mightily helpful. Here are three ways to create custom capabilities using APIs without much programming experience. The post OSINT APIs for Mere Mortals ...

Threat Intelligence Blog | Flashpoint

OSINT Tools Library

Flashpoint Team | January 13, 2023 | Corporate and Physical Security, cyber threat intelligence, Open Source Intelligence, OSINT, Public Sector and Government

A constantly updated list of OSINT tools and techniques from across the open-source intelligence community, curated by Flashpoint The post OSINT Tools Library appeared first on Flashpoint ...

Threat Intelligence Blog | Flashpoint

The Benefits of Sock Puppets in Open-Source Intelligence (OSINT)

Kellep Charles | September 25, 2022 | FEATURED, Open Source Intelligence, OSINT, Sock Puppet

A Sock Puppet is fake persona, or an alternative online identity used to collect and investigate open-source information on a target. The post The Benefits of Sock Puppets in Open-Source Intelligence (OSINT) ...

SecurityOrb.com

Open Source Intelligence

pac4j CVE-2026-29000: Sonatype Finds 18 Additional Packages

Accelerate Secure Releases With Microsoft Copilot and Sonatype Guide

Modern Vulnerability Management in the Age of AI

The Human Element: Turning Threat Actor OPSEC Fails into Investigative Breakthroughs

The Great Shift: Cybersecurity Predictions for 2026 and the New Era of Threat Intelligence

AI Is Hard Work

Why Natural Language Processing Is Crucial for Open-Source Intelligence Analysts

OSINT APIs for Mere Mortals

OSINT Tools Library

The Benefits of Sock Puppets in Open-Source Intelligence (OSINT)

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On