Dashboard

Cyber intelligence — daily exploited vulnerabilities and threat activity

A daily ETL fuses CISA's Known Exploited Vulnerabilities catalog, NVD severity data, published advisories, and ransomware leak-site activity — with confirmed exploitation kept distinct from mere severity.

Updated daily (per-source status shown in each snapshot)

Cyber intelligence — daily exploited vulnerabilities and threat activity

Open full screen ↗

The pipeline behind this dashboard runs once a day, writes an immutable dated snapshot, and republishes — the date selector replays any past day. It reads four public feeds (CISA KEV, NVD, CISA advisories, ransomware leak-site postings), correlates them into a confirmed-exploited-criticals view, and maps ransomware victim claims by country. Three of four sources need no API key, so it runs live out of the box; the optional NVD key only raises a rate limit. Per-source fetch status ships inside every snapshot. As with every prototype on this site: not an operational tool, and ransomware postings are unverified criminal claims — see the investigation Cyber intelligence as a daily instrument.