Threat Intelligence
1,955
Active IOCs
21
Geo-Blocked Origins
1
Dark Web Findings
0
DecoyPulse Triggers
Live Threat Feed
Critical
Emotet botnet infrastructure detected — 4 C2 IPs blocked
1h ago
High
New phishing campaign targeting UK financial services
1h ago
High
Microsoft Exchange CVE-2026-21413 — patch available
44m ago
Medium
RansomHub group claiming 3 new UK victims this week
1h ago
High
Dark web: 2 credential sets matching monitored domains found
58m ago
Medium
Cloudflare reports DDoS spike targeting .co.uk domains
41m ago
High
NCSC advisory: increased targeting of UK SMBs by APT29
1h ago
Low
SSL certificate for mail.company.co.uk expires in 14 days
14m ago
Informational
New IOCs added to threat feed — 847 indicators
57m ago
Medium
Anomalous BGP route change affecting UK ISP backbone
50m ago
MITRE ATT&CK Heatmap
Initial Access
23
Execution
29
Persistence
28
Privilege Escalation
33
Defence Evasion
71
Credential Access
33
Discovery
43
Lateral Movement
31
Collection
71
Command and Control
12
Exfiltration
34
Impact
63
Top Attack Origins
| Country | Events | |
|---|---|---|
| DE Germany | 449 | |
| KP North Korea | 355 | |
| VN Vietnam | 352 | |
| NG Nigeria | 343 | |
| FR France | 293 | |
| RO Romania | 292 | |
| IN India | 290 | |
| CN China | 271 | |
| GB United Kingdom | 259 | |
| US United States | 211 |
Indicators of Compromise (IOCs)
| Type | Value | Source | Status | First Seen | Last Seen | Hits |
|---|---|---|---|---|---|---|
| Domain | hack-299.cn |
VirusTotal | Active | 2026-07-06 | 2026-07-09 | 34 |
| IPv4 | 103.97.216.213 |
Cyber-Defence Intel | Active | 2026-07-01 | 2026-07-09 | 28 |
| URL | https://66.141.123.145/payload.exe |
Cyber-Defence Intel | Active | 2026-06-30 | 2026-07-11 | 37 |
| URL | https://94.249.93.166/payload.exe |
MISP Community | Active | 2026-06-21 | 2026-07-09 | 16 |
| URL | https://88.223.92.19/payload.exe |
AbuseIPDB | Under Review | 2026-07-09 | 2026-07-09 | 26 |
| Hash (SHA256) | 8974d5132764e83001c53e5fffe1274c |
MISP Community | Under Review | 2026-06-27 | 2026-07-11 | 28 |
| Domain | bad-692.tk |
Cyber-Defence Intel | Active | 2026-07-08 | 2026-07-09 | 15 |
| Hash (SHA256) | 2332a22b891c37eccd5b15203718242f |
VirusTotal | Active | 2026-06-29 | 2026-07-10 | 22 |
| IPv4 | 45.193.148.104 |
MISP Community | Expired | 2026-07-09 | 2026-07-10 | 46 |
| URL | https://40.232.108.56/payload.exe |
MISP Community | Active | 2026-07-10 | 2026-07-10 | 3 |
alert@threat-702.com |
AlienVault OTX | Under Review | 2026-07-04 | 2026-07-10 | 17 | |
| IPv4 | 194.163.62.244 |
AlienVault OTX | Expired | 2026-06-13 | 2026-07-09 | 12 |
| Domain | bad-503.cc |
NCSC Feed | Expired | 2026-06-20 | 2026-07-08 | 7 |
| Hash (SHA256) | dbbf3b20cce34af3aa5b093839d9fe56 |
VirusTotal | Active | 2026-06-15 | 2026-07-11 | 8 |
| URL | https://19.138.226.1/payload.exe |
MISP Community | Expired | 2026-07-03 | 2026-07-09 | 43 |
| Hash (SHA256) | 74b3e5ceaa0f8c2b7a671b6d7b657bfe |
VirusTotal | Active | 2026-06-23 | 2026-07-08 | 40 |
alert@threat-146.com |
Cyber-Defence Intel | Active | 2026-06-30 | 2026-07-09 | 35 | |
| Domain | bad-595.xyz |
Cyber-Defence Intel | Under Review | 2026-07-09 | 2026-07-10 | 29 |
| IPv4 | 103.46.216.175 |
Cyber-Defence Intel | Active | 2026-06-21 | 2026-07-10 | 21 |
| URL | https://75.105.246.162/payload.exe |
MISP Community | Active | 2026-06-25 | 2026-07-10 | 23 |
| Domain | hack-939.cc |
AbuseIPDB | Under Review | 2026-06-25 | 2026-07-11 | 10 |
| URL | https://14.143.104.215/payload.exe |
MISP Community | Expired | 2026-06-20 | 2026-07-10 | 25 |
| URL | https://60.181.36.198/payload.exe |
AbuseIPDB | Active | 2026-06-17 | 2026-07-09 | 32 |
| URL | https://80.175.54.3/payload.exe |
NCSC Feed | Active | 2026-06-19 | 2026-07-08 | 42 |
support@threat-760.com |
NCSC Feed | Expired | 2026-07-08 | 2026-07-11 | 32 | |
| URL | https://60.144.244.42/payload.exe |
MISP Community | Active | 2026-06-30 | 2026-07-09 | 11 |
| Hash (SHA256) | 56ff73d3c3b9041730538062015249b7 |
MISP Community | Under Review | 2026-07-03 | 2026-07-11 | 47 |
| URL | https://63.156.166.131/payload.exe |
NCSC Feed | Under Review | 2026-06-11 | 2026-07-09 | 10 |
| URL | https://70.133.133.24/payload.exe |
VirusTotal | Active | 2026-06-27 | 2026-07-09 | 44 |
| IPv4 | 45.19.148.161 |
AbuseIPDB | Active | 2026-06-30 | 2026-07-09 | 16 |