DMZ//THREAT INTEL
FEED ACTIVELAST SYNC: 06:12:51ZSOURCES: 14CRITICAL: 31
⚠ ACTIVE ALERTS
@GossiTheDog CRITICAL — Sampled credentials from the FortiBleed dataset and confirmed they are authentic. Many of… /// @MsftSecIntel CRITICAL — Tracking FortiBleed downstream activity. Buyers of the FortiGate credential sets are… /// @TalosSecurity CRITICAL — FortiBleed is just one piece of a broader IAB operation. The same Russian-speaking actor… /// @MalwareHunterTeam CRITICAL — The Gentlemen RaaS internal data leak (May 2026, ~16GB) confirmed operators actively… /// @CrowdStrike CRITICAL — Gentlemen RaaS affiliates are deploying GentleKiller variants that specifically target…
31Critical Threats
18Active CVEs
19IOCs Tracked
11New Advisories
CLASSIFIED // NEW HERE
DMZ surfaces threats hiding between the headlines.
We correlate signals across underground forums, security researcher posts on X, vendor disclosures, and CISA advisories — then publish what defenders actually need to know. No noise. No engagement bait. Just the threats that matter.
⚿ SEE SUBSCRIPTION TIERS→ HOW DMZ WORKS
// Latest Intelligence
29 REPORTS TODAY
INFO#EDITORIAL#BY JORDAN
Disclosed2026-05-15Added to DMZ2026-05-15

Why I'm Building DMZ

I served nine years in the Navy as an Aviation Boatswain's Mate before I ever touched a SIEM. A year into my first analyst role, I started building DMZ — the threat intel publication I wish existed when I was sitting at my desk a year ago,…

founders-noteintel-philosophymanifesto
READ BRIEF →
MEDIUM#ACTOR#CRIMINAL

AudiA6 / Dark2Web Criminal Organization

AudiA6 was an industrial-scale cryptocurrency laundering operation linked to more than 15 global investigations related to ransomware attacks and large-scale crypto theft. On June 10, 2026, Europol and the U.S. DOJ coordinated the arrest…

Added to DMZ2026-06-28
READ →
MEDIUM#ACTOR#CRIMINAL

Amadey / StealC MaaS Operators

As part of the ongoing Operation Endgame Phase 4 (June 2026), Europol and partners from six countries disrupted the Amadey and StealC malware-as-a-service networks, seizing 326 servers, freezing $47M in criminal cryptocurrency, and…

Added to DMZ2026-06-28
READ →
HIGH#DARK WEB#EXPLOIT

[FortiBleed] FortiGate / Fortinet VPN Credential Auction — 34,000 Lines

Auctioning verified FortiGate SSL-VPN and admin credentials. Dataset covers ████████████. Credentials validated via automated tooling. Targets indexed by sector and revenue. Starting bid ███████████, later raised to ███████████ after…

Added to DMZ2026-06-28
READ →
HIGH#DARK WEB#EXPLOIT

[FortiBleed] FortiGate / Fortinet Access — 35,000 Devices For Sale

Selling FortiGate SSL-VPN and admin access. Dataset contains URL, username, password, domain name, and revenue of organization for ████████████. Price: ███████. Actor references FortiBleed campaign by name. Same actor previously listed…

Added to DMZ2026-06-28
READ →