Flashpoint

𝗙𝗹𝗮𝘀𝗵𝗽𝗼𝗶𝗻𝘁’𝘀 𝟮𝟬𝟮𝟱 𝗚𝗹𝗼𝗯𝗮𝗹 𝗧𝗵𝗿𝗲𝗮𝘁 𝗜𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 𝗥𝗲𝗽𝗼𝗿𝘁 (𝗚𝗧𝗜𝗥) 𝗶𝘀 𝗵𝗲𝗿𝗲! Threat actors are operating at unprecedented speed and scale, making real-time threat intelligence more critical than ever. Powered by Flashpoint’s collection of over 3.6 petabytes of best-in-class data, the GTIR provides the critical data and insights security teams need to identify emerging threats, mitigate risk, and proactively strengthen defenses. 𝗙𝗼𝘂𝗿 𝗰𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝘁𝗿𝗲𝗻𝗱𝘀 𝘀𝗵𝗮𝗽𝗶𝗻𝗴 𝘁𝗵𝗲 𝟮𝟬𝟮𝟱 𝘁𝗵𝗿𝗲𝗮𝘁 𝗹𝗮𝗻𝗱𝘀𝗰𝗮𝗽𝗲: 🔸 𝗗𝗮𝘁𝗮 𝗯𝗿𝗲𝗮𝗰𝗵 𝗮𝗰𝘁𝗶𝘃𝗶𝘁𝘆 𝗶𝗻𝗰𝗿𝗲𝗮𝘀𝗲𝗱 𝟲% 𝗶𝗻 𝟮𝟬𝟮𝟰, 𝗳𝘂𝗲𝗹𝗶𝗻𝗴 𝘁𝗵𝗲 𝗰𝘆𝗯𝗲𝗿𝗰𝗿𝗶𝗺𝗲 𝗲𝗰𝗼𝘀𝘆𝘀𝘁𝗲𝗺. Over 3.2 billion credentials were stolen in 2024—a 33% increase from the previous year. This stolen data dominates illicit marketplaces and fuels illegal campaigns such as ransomware and other types of malware. 🔸 𝗜𝗻𝗳𝗼𝘀𝘁𝗲𝗮𝗹𝗲𝗿𝘀 𝗮𝗿𝗲 𝗮 𝗴𝗿𝗼𝘄𝗶𝗻𝗴, 𝗿𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝘁 𝘁𝗵𝗿𝗲𝗮𝘁, 𝗱𝗿𝗶𝘃𝗶𝗻𝗴 𝘁𝗵𝗲 𝗿𝗶𝘀𝗲 𝗶𝗻 𝘀𝘁𝗼𝗹𝗲𝗻 𝗰𝗿𝗲𝗱𝗲𝗻𝘁𝗶𝗮𝗹𝘀. 75% of stolen credentials in 2024 were sourced from infostealers, making it a go-to tool for attackers. With new strains constantly emerging, organizations can’t afford to ignore this rapidly evolving threat. 🔸 𝗥𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 𝗮𝘁𝘁𝗮𝗰𝗸𝘀 𝗿𝗼𝘀𝗲 𝟭𝟬% 𝗶𝗻 𝟮𝟬𝟮𝟰, 𝗮𝗻𝗱 𝘀𝗵𝗼𝘄 𝗻𝗼 𝘀𝗶𝗴𝗻𝘀 𝗼𝗳 𝘀𝗹𝗼𝘄𝗶𝗻𝗴 𝗱𝗼𝘄𝗻. Following an 84% surge in 2023, ransomware attacks rose another 10% in 2024, driven by Ransomware-as-a-Service (RaaS). The five most prolific RaaS groups—Lockbit, Ransomhub, Akira, Play, and Qilin—accounted for 47% of attacks. 🔸 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗶𝗻𝗰𝗿𝗲𝗮𝘀𝗲𝗱 𝟭𝟮% 𝗶𝗻 𝟮𝟬𝟮𝟰, 𝗰𝗿𝗲𝗮𝘁𝗶𝗻𝗴 𝗮𝗻 𝗼𝘃𝗲𝗿𝘄𝗵𝗲𝗹𝗺𝗶𝗻𝗴 𝗰𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲 𝗳𝗼𝗿 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝘁𝗲𝗮𝗺𝘀. A record-breaking 37,302 vulnerabilities were disclosed in 2024—a 12% YoY increase. 39% have publicly available exploit code, posing an immediate risk to organizations, forcing security teams to rethink their prioritization and patching processes before exploits can be weaponized against them. Download the report now to gain: - A clear understanding of converging threats. - Insights into the tactics, techniques, and procedures (TTPs) of today’s most prolific threat actors. - Actionable intelligence for proactive security. 🔗 https://lnkd.in/eGW4kT7G #ThreatIntelligence #CyberSecurity

Flashpoint customers use our vulnerability intelligence to cut through the noise and focus on the vulnerabilities that matter most. With hundreds of vulnerabilities disclosed every week, knowing where to start can be overwhelming. That’s why security teams rely on Flashpoint to prioritize what’s exploitable, impactful, and urgent—helping them move faster on the vulnerabilities that pose the greatest risk. Notable vulnerabilities in this week’s 𝗙𝗹𝗮𝘀𝗵𝗽𝗼𝗶𝗻𝘁 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗜𝗻𝘀𝗶𝗴𝗵𝘁𝘀 𝗮𝗻𝗱 𝗣𝗿𝗶𝗼𝗿𝗶𝘁𝗶𝘇𝗮𝘁𝗶𝗼𝗻 𝗥𝗲𝗽𝗼𝗿𝘁: ➡️ 𝗔𝗽𝗽𝗹𝗲 𝗪𝗲𝗯𝗞𝗶𝘁 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟰𝟮𝟬𝟭): Actively exploited sandbox escape vulnerability, allowing attackers to break isolation protections and execute malicious code. ➡️ 𝗙𝗿𝗲𝗲𝗧𝘆𝗽𝗲 𝗜𝗻𝘁𝗲𝗴𝗲𝗿 𝗢𝘃𝗲𝗿𝗳𝗹𝗼𝘄 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟳𝟯𝟲𝟯): A critical heap-based buffer overflow in the widely used font-rendering library, potentially leading to arbitrary code execution. ➡️ 𝗜𝗕𝗠 𝗤𝗶𝘀𝗸𝗶𝘁 𝗦𝗗𝗞 𝗜𝗻𝘀𝗲𝗰𝘂𝗿𝗲 𝗗𝗲𝘀𝗲𝗿𝗶𝗮𝗹𝗶𝘇𝗮𝘁𝗶𝗼𝗻 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟬𝟬𝟬): A publicly disclosed flaw that enables attackers to execute arbitrary code by crafting malicious QPY files. ➡️ 𝗔𝗽𝗮𝗰𝗵𝗲 𝗖𝗮𝗺𝗲𝗹 𝗛𝗲𝗮𝗱𝗲𝗿 𝗜𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟵𝟴𝟵𝟭): A command execution vulnerability affecting enterprise integrations, allowing attackers to bypass security filters. 📥 Read the latest report and enhance your security posture: https://lnkd.in/dEWjDDCk #VulnerabilityManagement #ThreatIntelligence #CyberSecurity

Flashpoint’s just-released 2025 Global Threat Intelligence Report (GTIR) reveals a staggering 3.2 billion credentials were stolen in 2024, with 75%—2.1 billion—compromised by infostealers. Thank you to Forbes' Davey Winder for spotlighting the GTIR and highlighting the alarming findings: “Among the standout statistics for me was the fact that while the number of security vulnerabilities grew by 12%, an astonishing 39% of the total have known exploits out there. Then there were the inevitable ransomware threat numbers, which, unfortunately, look like they are going in the wrong direction with a 10% increase in such attacks. Oh, and I should really also mention that, across all industry sectors, data breaches were up by 6% as well. But none of these grabbed my attention by the throat as much as those concerning the infostealer malware threat.” - David Winder, Forbes Read more in Forbes: https://lnkd.in/eD7XyXMQ Or download the full report: https://lnkd.in/eGW4kT7G #Cybersecurity #ThreatIntelligence #Infostealers

During high-profile events—elections, major sporting events, breaking news—threat actor activity surges. Analysts face an overwhelming influx of data from dark web discussions, disinformation campaigns, financial anomalies, and physical security threats. The challenge? Separating real threats from the noise, fast. Join Nicole Reihl Eshenbaugh, Senior Strategic Advisor at Flashpoint, for a tactical session on OSINT techniques for critical threat detection on 𝗠𝗮𝗿𝗰𝗵 𝟮𝟱𝘁𝗵 𝗮𝘁 𝟮 𝗣𝗠 𝗘𝗧. Learn how to: 🔸 Turn real-time data into actionable insights for security and investigative teams. 🔸 Recognize early warning signs of emerging threats across online and physical spaces. 🔸 Streamline intelligence workflows to manage overwhelming volumes of information. Don’t miss a chance to learn these proven methodologies—register now: https://lnkd.in/eivG-_TX #ThreatIntelligence #OSINT #CyberThreats

Flashpoint customers leverage our vulnerability intelligence to prioritize and contextualize remediation—helping them take decisive action against the most pressing threats. With new vulnerabilities emerging daily, security teams need to know which ones require immediate attention and why. The 𝗙𝗹𝗮𝘀𝗵𝗽𝗼𝗶𝗻𝘁 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗜𝗻𝘀𝗶𝗴𝗵𝘁𝘀 𝗮𝗻𝗱 𝗣𝗿𝗶𝗼𝗿𝗶𝘁𝗶𝘇𝗮𝘁𝗶𝗼𝗻 𝗥𝗲𝗽𝗼𝗿𝘁 delivers intelligence that helps organizations stay ahead of emerging threats and make informed patching decisions before vulnerabilities are exploited. Notable vulnerabilities this week: ➡️ 𝗔𝗽𝗮𝗰𝗵𝗲 𝗧𝗿𝗮𝗳𝗳𝗶𝗰 𝗦𝗲𝗿𝘃𝗲𝗿 𝗔𝗖𝗟 𝗠𝗶𝘀𝗰𝗼𝗻𝗳𝗶𝗴𝘂𝗿𝗮𝘁𝗶𝗼𝗻 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟰-𝟱𝟲𝟭𝟵𝟲): Improper handling of access control lists in legacy versions can expose organizations to unauthorized access and security gaps. ➡️ 𝗧𝗼𝗗𝗲𝘀𝗸𝘁𝗼𝗽 𝗙𝗶𝗿𝗲𝗯𝗮𝘀𝗲 𝗔𝗱𝗺𝗶𝗻 𝗞𝗲𝘆 𝗗𝗶𝘀𝗰𝗹𝗼𝘀𝘂𝗿𝗲 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟳𝟱𝟱𝟰): A critical flaw that allows remote attackers to inject malicious code into client applications. ➡️ 𝗩𝗠𝘄𝗮𝗿𝗲 𝗘𝗦𝗫𝗶/𝗪𝗼𝗿𝗸𝘀𝘁𝗮𝘁𝗶𝗼𝗻 𝗥𝗮𝗰𝗲 𝗖𝗼𝗻𝗱𝗶𝘁𝗶𝗼𝗻 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟮𝟮𝟮𝟰): Actively exploited in the wild, this flaw enables guest-to-host code execution—posing a major risk in virtualized environments. ➡️ 𝗪𝗲𝗶𝗱𝗺𝘂𝗲𝗹𝗹𝗲𝗿 𝗣𝗥𝗢𝗖𝗢𝗡-𝗪𝗜𝗡 𝗛𝗮𝗿𝗱𝗰𝗼𝗱𝗲𝗱 𝗖𝗿𝗲𝗱𝗲𝗻𝘁𝗶𝗮𝗹𝘀 (𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟭𝟯𝟵𝟯): A severe misconfiguration that allows remote attackers to gain privileged access with default credentials. Read the full report and strengthen your security posture: https://lnkd.in/dEWjDDCk #VulnerabilityManagement #ThreatIntelligence #CyberSecurity

As organizations bring employees back to the office, security teams are facing a very different threat landscape than they did just a few years ago with new security challenges:  🔸 Rising workplace violence, social engineering threats, and insider risks are converging with digital attack surfaces that have expanded after years of remote work reliance. At the same time, employees who have spent extended periods outside a corporate office setting may be less attuned to physical security risks than before. 🔸 Without proactive adjustments to physical security, access control, and cybersecurity policies, organizations risk exposing employees, assets, and sensitive data to unnecessary threats. 🔸 Pre-pandemic security models no longer apply. Keeping workplaces safe now requires a holistic approach that integrates physical security, access control, and cyber intelligence. Our latest blog breaks down the key risks security teams need to consider: https://lnkd.in/e629cdyF For a structured approach to securing the modern workplace, download our Return to Office Security Checklist to get expert physical security, access control and cybersecurity recommendations: https://lnkd.in/e2M6FXMt #ThreatIntelligence

🚨 𝗡𝗲𝘄 𝗣𝗿𝗼𝗱𝘂𝗰𝘁 𝗨𝗽𝗱𝗮𝘁𝗲: 𝗙𝗹𝗮𝘀𝗵𝗽𝗼𝗶𝗻𝘁’𝘀 𝗦𝗽𝗹𝘂𝗻𝗸 𝗧𝗲𝗰𝗵𝗻𝗶𝗰𝗮𝗹 𝗜𝗻𝗱𝗶𝗰𝗮𝘁𝗼𝗿𝘀 𝗔𝗽𝗽 🚨 We’re excited to announce the release of the 𝗙𝗹𝗮𝘀𝗵𝗽𝗼𝗶𝗻𝘁 𝗧𝗲𝗰𝗵𝗻𝗶𝗰𝗮𝗹 𝗜𝗻𝗱𝗶𝗰𝗮𝘁𝗼𝗿𝘀 𝗔𝗽𝗽 𝗳𝗼𝗿 𝗦𝗽𝗹𝘂𝗻𝗸, designed to give security teams enhanced visibility into cyber threats. By integrating Flashpoint’s award-winning threat intelligence directly into Splunk, organizations can now easily access real-time data, identify emerging threats faster, and take action to mitigate risks across their networks. Key benefits: 🔸 Effortless integration with Splunk 🔸 Real-time threat intelligence at your fingertips 🔸 Streamlined workflow for faster decision making 🔸 Greater accuracy in identifying critical threats Learn more and start leveraging this powerful tool today: https://lnkd.in/eKps9rH4 #ThreatIntelligence #Splunk #Cybersecurity

The FS-ISAC Spring Summit is in full swing. We’ve enjoyed talking to many of you already about the biggest security challenges facing the financial sector—AI-driven fraud, rising cyber threats, and the increasing convergence of cyber and physical risks. If you haven’t stopped by yet, we’d love to connect with you to discuss the top threats of 2025, explore intelligence-driven security strategies, or just say hello. Find us at 𝗕𝗼𝗼𝘁𝗵 #𝟯 for: 🔸 𝗗𝗲𝗲𝗽-𝗱𝗶𝘃𝗲 𝗶𝗻𝘀𝗶𝗴𝗵𝘁𝘀 on the most pressing financial security threats 🔸 𝗧𝗿𝗶𝘃𝗶𝗮 𝗰𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲 & 𝗽𝗿𝗶𝘇𝗲 𝘄𝗵𝗲𝗲𝗹—Test your security knowledge and win! 🔸 𝗟𝗶𝘃𝗲 𝗱𝗲𝗺𝗼𝘀 showcasing how Flashpoint helps teams mitigate risk Want to chat 1:1 with a Flashpoint expert? Book a meeting: https://lnkd.in/dDDxESBf #FSISAC #FinancialSecurity #ThreatIntelligence

This latest 𝗙𝗹𝗮𝘀𝗵𝗽𝗼𝗶𝗻𝘁 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗜𝗻𝘀𝗶𝗴𝗵𝘁𝘀 𝗮𝗻𝗱 𝗣𝗿𝗶𝗼𝗿𝗶𝘁𝗶𝘇𝗮𝘁𝗶𝗼𝗻 𝗥𝗲𝗽𝗼𝗿𝘁 helps organizations proactively identify and mitigate the most high-impact threats. Here’s what’s covered: 🔸 𝟭𝟬𝟲 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 with publicly available exploits, remote exploitability, and available solutions. 🔸 𝟰 𝘂𝗿𝗴𝗲𝗻𝘁 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 that, if exploited, could allow full system compromise, affecting widely used enterprise products. 🔸 𝗗𝗲𝘁𝗮𝗶𝗹𝗲𝗱 𝗮𝗻𝗮𝗹𝘆𝘀𝗶𝘀 on how these vulnerabilities are exploited, their impact, and steps you can take to mitigate risk. 🚨 𝗞𝗲𝘆 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝘁𝗵𝗶𝘀 𝘄𝗲𝗲𝗸: 📌 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟳𝟯𝟲𝟰 – A critical remote code execution vulnerability in MITRE Caldera’s Manx and Sandcat plugins, allowing attackers to inject linker arguments via HTTP headers and execute arbitrary shell commands. 📌 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟳𝟭𝟰𝟬 – A remote OS command injection flaw in WeGIA’s database import functionality, allowing attackers to execute arbitrary commands on the server. 📌 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟳𝟭𝟯𝟱 – A SQL injection vulnerability in RAGFlow’s ExeSQL class, enabling unauthorized database manipulation or data theft. 📌 𝗖𝗩𝗘-𝟮𝟬𝟮𝟰-𝟴𝟰𝟮𝟬 – A WordPress DHVC Form plugin vulnerability, allowing privilege escalation through improper role assignment during registration. 🔗 Get the full breakdown and take action: https://lnkd.in/dEWjDDCk #VulnerabilityManagement #VulnerabilityIntelligence #CyberSecurity

The financial sector faces relentless threats that are evolving quickly, from AI-powered fraud to vulnerability exploitation. Flashpoint is on the ground at FS-ISAC 𝗦𝗽𝗿𝗶𝗻𝗴 𝗦𝘂𝗺𝗺𝗶𝘁 in New Orleans helping security teams stay ahead of emerging threats with deep, actionable intelligence. 🔎 𝗧𝗼𝗽 𝘁𝗵𝗿𝗲𝗮𝘁𝘀 𝘀𝗵𝗮𝗽𝗶𝗻𝗴 𝟮𝟬𝟮𝟱: 🔸 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗼𝘃𝗲𝗿𝗹𝗼𝗮𝗱: Threat actors are exploiting vulnerabilities as an initial access vector 180% more than in 2023. Prioritization isn’t optional—it’s mission-critical.  🔸 𝗔𝗜-𝗽𝗼𝘄𝗲𝗿𝗲𝗱 𝗳𝗿𝗮𝘂𝗱 & 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗰𝗿𝗶𝗺𝗲: Generative AI is fueling a 1,265% surge in cybercrime, making fraud detection more challenging than ever. 🔸 𝗖𝗼𝗻𝘃𝗲𝗿𝗴𝗶𝗻𝗴 𝗿𝗶𝘀𝗸𝘀: Cyber, physical, and geopolitical threats are no longer separate—they're interconnected, creating new challenges and demanding a unified approach. 📍 𝗟𝗲𝘁’𝘀 𝘁𝗮𝗹𝗸 𝘀𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀. Meet us at 𝗕𝗼𝗼𝘁𝗵 #𝟯 𝗼𝗿 𝗠𝗲𝗲𝘁𝗶𝗻𝗴 𝗥𝗼𝗼𝗺 #𝟮 to explore how Flashpoint’s award-winning intelligence empowers financial institutions to proactively defend against emerging threats with the best data and best intelligence. 🔗 Book a meeting with us: https://lnkd.in/dDDxESBf #FSISAC #ThreatIntelligence #FinancialSecurity