[root@sudodudes ~]# Threat Intel
What's actually happening out there.
Real feeds, refreshed every few hours by our own server - your browser never talks to CISA, NIST, OSV, or FIRST directly. The map below counts real requests our own WAF blocked. Method: /blog/reading-open-source-threat-feeds/ and /blog/live-threat-map-how-it-works/.
Blocked attacks by origin country
loading...Country-level aggregate counts only - see privacy policy for why that distinction matters. No IP addresses are ever published.
none low medium high
No blocked-request data yet - the aggregator runs once every 24h and this is a freshly deployed dashboard.
CISA Known Exploited Vulnerabilities
loading...Confirmed active exploitation in the wild - the highest-signal, drop-everything list in the industry.
NVD - critical severity, recent
OSV - open-source ecosystem advisories
EPSS - highest exploitation probability
Daily-updated probability of exploitation in the next 30 days, from real-world telemetry.