In 2025, 59 CVEs quietly flipped to “known ransomware use” in CISA’s KEV...no alerts, no fanfare. 🧐
We dug through a year of JSON to catch every silent flip and built an RSS feed so you don’t miss the next one.
Read the blog + grab the feed 🗞️
https://www.greynoise.io/blog/unmasking-cisas-hidden-kev-ransomware-updates
RE: https://infosec.exchange/@greynoise/116002702711084624
My latest pet project, an RSS feed to alert you to the silent KEV knownRansomwareCampaignUse flips!
(Did you know there were four CVEs flipped last week?) #threatintel