Great leadership starts with better decision-making under pressure. 🎥Watch the free webinar 📘Get the CARVER Leadership Book carvertraininginstitute.com/… #CARVERLeadership #LeadershipDevelopment #DecisionMaking #RiskManagement #SecurityLeadership #IntelligenceAnalysis

We hope you can join us for the next session of our new webinar series Social Media & Open-Source Series! Join us July 8th at 1500 ET for "Snapchat." iaca.net/2026-series-webinar… #crimeanalyst #crimeanalysis #osint #socmint #intelligenceanalyst #intelligenceanalysis

Original Article journals.sagepub.com/doi/ful… For more on Police Science, subscribe to the free Police Science Dr email list on PoliceScienceDr.com #PoliceScience #CrimeAnalysis #IntelligenceAnalysis

🔎 Investigators, Analysts, and Researchers—This One’s for You! Struggling to keep up with the ever-changing landscape of financial intelligence sources? We’ve got you covered! Our comprehensive FININT course delivers: ✅ 49 lessons covering all major financial intelligence sources ✅ Continuous updates & new material—stay ahead of the curve ✅ Actionable insights for real-world analysis Join hundreds of professionals who are sharpening their skills and staying ahead in financial intelligence. 🔗 Sign up now! insightthreatintelligence.th… #FinancialInvestigations #FinCrime #AML #IntelligenceAnalysis

#IntelligenceAnalysis #SecurityAwareness #RiskManagement #CyberSecurity #ThreatIntelligence #Education

A horrific stabbing incident in #Belfast this week showed something every investigator, journalist, analyst, and security professional should understand: Open-Source Intelligence (OSINT) is no longer optional. Starting with a single BBC News article and a few basic Google searches, I was able to move quickly into ShadowDragon Horizon and begin mapping the publicly available online footprint connected to the suspect arrested in this case. In under 25 minutes, the picture started to form: Public social media presence. Profiles and connections. Posts, comments, and visible relationships. People online claiming to know him or be connected to him. Signals that help investigators understand context, networks, and possible relevance. That is the power of #OSINT. Not hacking. Not guessing. Not “doxxing.” Just disciplined collection, verification, and analysis of publicly available information. Cases like this are also a reminder of how fast information (and misinformation) moves after a violent incident. Within hours, narratives form. Anger spreads. Online claims become fuel. Communities can be put at risk. That is why responsible OSINT matters. Tools like ShadowDragon Horizon do not replace judgment, tradecraft, or ethics. They amplify them. They help investigators move from scattered fragments to structured intelligence: entities, links, timelines, networks, and context. The lesson is not simply that “you can find someone online.” The lesson is that, when used responsibly, OSINT can help us understand the wider information environment around a serious incident before speculation takes over. In modern investigations, the first crime scene is often physical. The second one is online. BBC context: bbc.co.uk/news/articles/cly0… #OSINT #OpenSourceIntelligence #ShadowDragon #Horizon #Investigations #IntelligenceAnalysis #DigitalInvestigations #SocialMediaIntelligence

AI-assisted reporting only works if the analyst is still the one thinking. Fast outputs mean nothing if the judgment behind them is gone. #HumanInTheLoop #AIReporting #IntelligenceAnalysis #Indago

Intelligence Notes #10 is out. This week: Civil Tort Against the Sovereign Shield: Two Lawsuits Pierce… Welcome to Edition 010. Subscribe (free): intelligencenotes.com/newsle… #HybridWarfare #IntelligenceAnalysis #OSINT

New Blog: I generated a realistic-looking Amsterdam street with AI. The instruction was deliberate: make it look like Amsterdam city center, but make sure the street does not actually exist. Then I opened a new ChatGPT chat, uploaded the image, and asked it to geolocate it like an OSINT analyst. It confidently identified the fictional street as Lange Niezel, Amsterdam. Then I asked it to look for AI tells. It concluded the image was likely real or photograph-based. That should worry every OSINT practitioner. The problem is no longer only fake images that look obviously fake. The problem is plausible images that look ordinary enough to pass visual inspection — and AI systems that may turn weak clues into confident conclusions. A rainy street. A café sign. A cargo bike. A few bollards. A place that feels real. But feeling real is not evidence. In the age of generative AI, geolocation must start with a different question: Not “Where is this?” But: “Can this image be grounded in reality at all?” Seeing is no longer believing. Verification is believing. Read the full blog here: dutchosintguy.com/post/the-a… #OSINT #Geolocation #ArtificialIntelligence #AI #Verification #DigitalForensics #IntelligenceAnalysis #Disinformation #Tradecraft

Today, we are announcing a milestone moment for our company: #Neo4j is acquiring @graph_aware, creating a new generation of open-standards intelligence analysis solutions. We understand that organizations demand open, explainable approaches to intelligence analysis to support their data sovereignty needs, and we truly believe that GraphAware Hume and Neo4j deliver this: GraphAware’s intelligence analysis capabilities and Neo4j’s graph intelligence platform will give government agencies a powerful, sovereignty-friendly alternative for collaborative investigation and explainable decision intelligence across complex, connected data. “For over a decade, governments have utilized proprietary, black-box intelligence analysis software,” says Neo4j CEO @emileifrem. “Now they have a legitimate open-standard alternative with GraphAware, powered by the Neo4j Graph Intelligence Platform. GraphAware is already trusted by government agencies worldwide. Bringing it into Neo4j makes it the clear leader in the intelligence analysis space.” Emil's blog: bit.ly/3RA9kyh Don’t miss out on this chat between Emil and Michal Bachman, GraphAware, CEO, where they talk about how the conversation began, what changes to expect, and why open is the only way. Full interview: youtu.be/axc4efbM4bM #GraphIntelligence #Intelligenceanalysis

🔎 Investigators, Analysts, and Researchers—This One’s for You! Struggling to keep up with the ever-changing landscape of financial intelligence sources? We’ve got you covered! Our comprehensive FININT course delivers: ✅ 49 lessons covering all major financial intelligence sources ✅ Continuous updates & new material—stay ahead of the curve ✅ Actionable insights for real-world analysis Join hundreds of professionals who are sharpening their skills and staying ahead in financial intelligence. 🔗 Sign up now! insightthreatintelligence.th… #FinancialInvestigations #FinCrime #AML #IntelligenceAnalysis

New Intelligence Analysis Standards, 3rd Edition! Designed for analysts at every level, these standards strengthen tradecraft and elevate the profession. Explore the document, apply it to your work, and help shape its future as a living resource. #IntelligenceAnalysis #Analytics

CPJ's 30 April Gaza report formally separates 32 journalist deaths as 'deliberately targeted' — the first application of this category in the organization's 32-year data-collection history. The finding institutionalizes what fog-of-war framing can no longer explain. #IntelligenceAnalysis

Intelligence Structural Analysis: Dismantling the Human Geography of the Iraqi Scene The Iraqi environment is governed by a sharp class dynamic that shapes the contours of conflict and the influence of arms across three distinct human layers: The Bourgeois Class (The Newly Rich): A limited and artificially created segment that monopolizes wealth and resources, managing major interest networks from behind the scenes.The Hazy Class (The Gray Zone): Divided intelligence-wise into two subgroups: 1. Government employees whose livelihood stability depends on the crumbs and outputs of the bourgeois class. 2. Daily survivors struggling under the heavy burden of securing basic needs. The Destitute Class (The Human Reservoir and the Root): This class represents the vital fuel used by the bourgeoisie to protect its financial and governmental empires from collapse. It is the original demographic core and the fertile environment from which the militias emerged and grew. It is also the very root from which the modern bourgeois class descended. Operational Conclusion: The militias are not merely armed organizations. They are the armed wing spawned by a distorted economic and social equation designed to protect the interests of an emerging parasitic bourgeois class. This deformed system cannot be addressed through traditional diplomacy or conventional social science theories. The only viable solution for dismantling it requires the adoption of a decisive and direct approach that targets the crushing of leadership networks and the drying up of funding and protection sources — in order to safeguard the Iraqi state and restore its sovereignty. #Iraq #IntelligenceAnalysis #DeepState #Militias #InstitutionalCorruption #ShadowEconomy #HUMINT @michaelgwaltz @HASCRepublicans @realDonaldTrump @POTUS @itamarbengvir @netanyahu @Israel_katz @CIA

🚨 İstihbarat analisti savaş görüntüsü izlediğinde beyninin “düşünme merkezi” gerçekten kapanıyor olabilir mi? @busrabegcecanl ile ortak çalışmamızda Meta’nın Mart 2026’da yayımladığı TRIBE v2 modeliyle (720 katılımcı, 1000 saat fMRI verisi) bunu in-silico olarak test ettik. Sonuçlar çarpıcı. Yüksek stresli savaş görüntüleri prefrontal korteksi baskılarken, diplomatik ve analitik içerikler beynin dil, muhakeme ve çalışma belleği ağlarını çok daha yoğun şekilde aktive ediyor. John Kerry’nin diplomatik konuşması, Lübnan saldırı görüntülerine kıyasla yaklaşık 2.85 kat daha yüksek ortalama kortikal aktivasyon üretiyor. Ayrıca resmi kurumsal iletişim ile duygusal/manipülatif siyasi mesajlaşmanın beyinde farklı “nöral imzalar” bıraktığını gözlemledik. Pentagon brifingi daha geniş analitik ve semantik ağları aktive ederken, manipülatif söylem daha dar sosyal-duygusal işlemleme bölgelerinde yoğunlaştı. Çalışma, TRIBE v2’nin propaganda analizi, medya etkileri, analist performansı ve stratejik iletişim araştırmaları için ölçeklenebilir yeni bir nörobilimsel araç olabileceğini gösteriyor. #TRIBEv2 #InSilicoNeuroscience #IntelligenceAnalysis #Neuroscience #MetaAI #TechnoPolitics

Take your team's analytical process to the next level. Join ERI's leaders for actionable advice on how to use red teaming to improve how you generate, write, and disseminate corporate intelligence. Register for the complimentary session here: emergentriskinternational.co… #FutureForwardResilience #IntelligenceCommunity #IntelligenceAnalysis

The transition from strategic intent to tactical execution occurs within a 45-day terminal window. Beyond this point, logistical and political costs make de-escalation statistically improbable. Clinical analysis of the indicators that signal the point of no return. #IntelligenceAnalysis #Geopolitics #StrategicRisk #TacticalOperations commandeleven.com/counter-te…

Unlock stronger corporate intelligence skills with ERI’s Corporate Intelligence Analysis, Tradecraft and Writing course. Designed for businesses who want their analysts' work to inform decisions at the highest level. ▪️Power business with data‑driven intelligence ▪️Write clearly and concisely for senior leaders and business stakeholders ▪️Demonstrate the value of your intelligence function with products executives actually use Ready to elevate your team’s intelligence tradecraft and writing for business? Learn more and register for CIATW here: emergentriskinternational.co… #IntelligenceAnalysis #RiskIntelligence #ProtectiveIntelligence #StrategicIntelligence #FutureForwardResilience

ANALYSIS OF ALLEGED HIGH-IMPACT LEAKS 🌐🛑 A new series of posts by the threat actor Rubicon was registered on its Telegram channel on April 16, 2026. The actor claims to have compromised global-scale national and corporate security infrastructures, directing users exclusively to its channel to obtain the files. LIST OF ALLEGED TARGETS (04/16/2026) The actor has posted the following high-profile headlines: GOOGLE data Salesforce: Alleged data exfiltration linked to the integration of Google and Salesforce. NATIONAL SECURITY AGENCY [NSA] data: Claim of possession of data belonging to the U.S. National Security Agency. American Airlines: Access to and database of over 500 million records. Shanghai National Police (SHGH): Alleged leak of Shanghai police records. Kenya Airports Authority: Compromise of the Kenya Airports Authority database. Rubicon's methodology shows similarities to that of groups impersonating ShinyHunters, who previously clarified that they did not have official Telegram channels while others used their name to resell data. Absence of Readable Samples: Unlike a genuine breach, there are no database samples (.sql, .csv) or evidence of active administrative access; only screenshots of file structures that could be recreated. Traffic Redirection: The use of high-impact names aims to force users to join the Telegram channel, a classic tactic for selling fake access or gaining quick "fame" in the community. Breach Recycling: There is a high probability that the actor is repackaging data from old breaches from 2023 or 2024 to present it as "Fresh Leaks" from 2026. ⏳ ACTIVITY TIMELINE (2025-2026) November 2025: Start of mass file releases (mainly PDFs and office documents). December 2025: The actor begins forwarding content from other cyber intelligence channels, diluting the originality of their "work." April 2026: Claims of high-level attacks against the US Federal Reserve and the Australian Department of Defence. After examining Rubicon's methodology, several red flags were identified that suggest the leaks could be fake or repackaged: Absence of Real Samples: Unlike other actors (such as Pharaoh's Team or ntmpd), Rubicon does not publish readable database logs or evidence of active administrative access in its main posts. Inconsistent Methodology: The channel abuses file forwarding from other Russian and Arabic channels, suggesting it acts more as a public file aggregator than a hacker with its own capabilities. Hype Narrative: The use of high-impact names (Federal Reserve, Defence Australia) without technical evidence is often a tactic to gain subscribers or attempt scams involving the sale of nonexistent data. Generic Files: Many of the shared documents appear to be public manuals or files previously indexed by PDF search engines, not exfiltrated internal data. 🔍 Monitor: analyzer.vecert.io #CyberSecurity #RubiconHack #IntelligenceAnalysis #VECERT #Cybersecurity #Hacking #InfoSec #CyberAttack #ThreatIntelligence

UNCLASSIFIED // OSINT Tiered Vulnerability in College Sports: Betting Liquidity, NIL Gaps, and Micro-Manipulation Risk Kevin Hollenbeck | Independent OSINT Analysis | April 2026 Analytic Scope: January 2025 – April 2026 Core Hypothesis Legal betting liquidity and NIL compensation disparities have converged to produce a tiered vulnerability environment. Under-compensated, lower-visibility athletes are selectively targeted for micro-manipulation due to lower opportunity cost, reduced scrutiny, and high leverage per dollar. This reflects rational actor optimization under asymmetric conditions rather than opportunistic corruption. Key Judgments • KJ-1 (High Confidence): The January 15, 2026 federal indictment charged 26 individuals in a point-shaving conspiracy involving >39 players across >17 Division I programs, affecting ≥29 games. Fixers offered $10k–$30k bribes (up to $40k) to athletes where payments would meaningfully supplement or exceed legitimate NIL earnings. Implicated players were disproportionately concentrated at mid- and low-major programs. • KJ-2 (Medium-High Confidence): NIL disparities amplify vulnerability. Power-conference athletes with high-value deals are largely insulated; players at smaller programs with minimal/zero NIL income face higher risk. NIL-driven digital visibility enables direct recruitment and coercion. • KJ-3 (Medium Confidence): Enforcement data indicate the dominant risk is localized micro-manipulation—especially first-half spreads and player props—rather than systemic control. Limited visibility into sportsbook data constrains full assessment. Assessment The risk arises from the interaction of betting liquidity (granular wagers), financial asymmetry (uneven NIL/revenue-sharing), and digital accessibility. Neither factor alone created it—the convergence did. The model is contingent: reducing any one factor materially degrades exploitability. This interdependence makes the risk adaptive rather than static. Revenue-sharing may lower vulnerability at well-resourced programs, but uneven adoption ensures disparities persist across much of Division I. The NCAA’s response (expanded “Draw the Line” campaign, monitoring >22,000 competitions, lifetime bans, and prop-bet restrictions) aligns with this targeted model. Bottom Line The January 2026 indictment validates a targeted exploitation model: betting liquidity, granular wagers, and uneven NIL compensation create a tiered vulnerability environment. Criminal actors selectively target under-compensated athletes at lower-visibility programs. The primary risk is localized micro-manipulation enabled by asymmetry and direct access. This bounded, selective pattern supports focused mitigation. #OSINT #ThreatIntelligence #RiskAnalysis #FraudRisk #SportsIntegrity #IntelligenceAnalysis