Data-driven insights on cybersecurity breaches, vulnerabilities, and infrastructure signals.
I matched MX records against a vendor rule dictionary for 2,584 SEC EDGAR-linked entities. The Microsoft 365 share was unsurprising. The gateway market is a duopoly: Proofpoint and Mimecast account for 91.4% of non-mailbox MX matches.
Nearly 24,000 ransomware leak-site claims tracked over five years show volume growing at 31% annually. Gartner puts security spending growth at 10%. The gap is widening.
We analysed 1,031 breach notification filings that include time-to-detection data. Ransomware is found in a median of 19 days because it announces itself. Malware that exfiltrates silently takes 93 days. Non-profits take 160. Detection is getting faster, but only for the loud attacks.
129 ransomware groups posted 7,655 victim claims to leak sites over 376 days. We broke down every group, sector, country, and monthly trend in the data.
We combined SEC Form 4 insider transactions, FINRA short interest data, and public breach signals for 78 companies. 17 showed both insider dispositions and short interest movements within days of a breach date.
We analysed 171 ICO enforcement actions from January 2022 to February 2026. Public sector bodies received reprimands 80% of the time. Private companies were fined. Thirteen organisations appeared more than once.
We analysed 735 HHS OCR HIPAA breach filings and found 301,768,951 affected individuals in aggregate. Here is what that total means, what it does not mean, and what healthcare teams can do next.
Browse observed tech stacks, DNS posture, and open services for organisations. All data sourced from public authority records.
CIPHERCUE