Actionable Cyber Threat Intelligence Blog | KELA...

Upcoming Webinar / The State of Cybercrime 2026

Read more

Cyber Intelligence Hub

Reduce your cyber risk and enhance your security posture with our expert resources. We provide the intelligence and strategies you need to protect your organization from evolving cyber threats.
AllCTICybercrimeDark Web
Infrastructure Destruction Squad & BLACKNET-00: The Rise of a Hybrid Hacktivist-Ransomware Threat
Threat Actor Spotlight

May 27, 2026

Infrastructure Destruction Squad & BLACKNET-00: The Rise of a Hybrid Hacktivist-Ransomware ThreatThe Infrastructure Destruction Squad, is a hybrid threat actor blending hacktivism with cybercrime. They recently launched the $300 BLACKNET-00 ransomware builder alongside critical infrastructure exp
Image of a hand holding money with a snake wrapped around the arm to show a digital version that's turned them into a money mule
Cybercrime

May 22, 2026

Exposing the Underground Mule-as-a-Service Economy: How AI and Telegram Are Reshaping Money LaunderingA defenders guide to the MaaS economy that industrializes money laundering
Inside The Gentlemen Leak: How a New RaaS Captured 10% of 2026’s Global Ransomware Victims
Threat Actor Spotlight

May 14, 2026

Inside The Gentlemen Leak: How a New RaaS Captured 10% of 2026’s Global Ransomware VictimsKELA’s deep dive into the 2026 Gentlemen Ransomware leak. See how they used Black Basta’s playbook and AI vibe-coding to become the world's #2 RaaS operation.
3 Minute Attribution of the ANTS Breach: Tracing “breach3d” Using KELA Intelligence and OSINT
Cybercrime

May 14, 2026

3 Minute Attribution of the ANTS Breach: Tracing “breach3d” Using KELA Intelligence and OSINT 3 Minute Attribution of the ANTS Breach: How KELA analysts attributed the ANTS breach — affecting ~12M French records — to a real-world individual in minutes, using threat intel and OSINT.
The State of Cybercrime 2026: From Prediction to Execution
CTI

April 29, 2026

The State of Cybercrime 2026From Prediction to Execution - Explore the State of Cybercrime 2026 insights on autonomous adversaries, AI-driven attacks, identity threats, macOS infostealers, ransomware, and geopolitical cyber risk
The Vacation Trap: Inside the Booking.com & VECT-TeamPCP Collaboration
CTI

April 15, 2026

The Vacation Trap: Inside the Booking.com & VECT-TeamPCP CollaborationIn April 2026, Booking.com - a $137 billion titan of the travel industry - confirmed a major security breach that exposed sensitive users' data. Intruders compromised internal systems and lurked undet
a black background with red text that says beyond the engine
CTI

March 31, 2026

Beyond the Regime: How Iran Weaponizes Cybercrime and Ransomware TacticsWhen U.S. organizations think of ransomware, the immediate image is often a financially motivated, Eastern European cybercriminal cartel operating a massive Ransomware-as-a-Service (RaaS) empire. Howe
a magnifying glass with the words kela on it
Threat Actor Spotlight

March 26, 2026

Law enforcement seizes Leakbase The Event: Operation Leak dismantling a major hub
a group of people sitting in front of a crowd
CTI

March 21, 2026

Beyond Threat Intelligence. Practical Resilience Lessons from SASIG at Lloyd’s of London.