MISP 2.5.39 is now available. This release includes a large set of improvements around the new dashboard experience, analyst-focused dashboard widgets, STIX interoperability, security fixes, and operational stability.

We recommend that all MISP 2.5 users upgrade, especially instances exposed to multiple users or relying on dashboards, event templates, TAXII, LDAP mixed authentication, or STIX import/export workflows.

#opensource #cti #misp #threatintelligence

🔗 https://www.misp-project.org/2026/06/05/misp.2.5.39.released.html/

Not sure I’m allowed to leak this yet, but the new MISP dashboard is kind of crazy.

We didn’t just refresh the old one, we rewrote it completely, and it comes with a whole set of new features and capabilities that change the game quite a bit.

#misp #cti #dashboard #opensource

@misp

Yesterday, in our very warm office, an interesting discussion emerged: there was no dedicated taxonomy for evaluating Cyber Threat Intelligence (CTI) in MISP.

So, we created one called: cti-evaluation

🔗 https://www.misp-project.org/taxonomies.html#_cti_evaluation

My colleagues Théo Geffe and Christian Studer then took it one step further by implementing it in CTI-transmute.

From discussion to a first implementation and tests in less than 48 hours, not too bad! Feedback on the taxonomy is more than welcome. And you can already test it live on cti-transmute.org

🔗 https://cti-transmute.org/convert/detail/93

#cti #misp #cybersecurity #threatintelligence #opensource #threatintel

@misp
@circl

This release includes a major new feature: a graph visualisation for the MISP standard and STIX format, making it easier to explore, understand, and present CTI data structures directly from JSON.

CTI Transmute is an online service available at cti-transmute.org and also an open source project available on GitHub.

The FIRST CTI 2026 conference in Munich was a great source of feedback for this release. Many of the improvements and new features introduced in v1.2 came directly from discussions, demonstrations, and feedback gathered during the event. Thank you to everyone who tested, commented, challenged ideas, and shared practical use cases.

#cti #stix #misp #standard #interoperability #cybersecurity

🔗 Release notes CTI Transmute https://github.com/MISP/cti-transmute
🔗 Release notes misp-stix https://github.com/MISP/misp-stix/releases/tag/2026.5.13

Did you know we have a @misp feed? We do!

Discourse posts with valuable indicators are added to our feed, which is free for all.

https://misp.ifin.network/feed (/manifest.json for manual review)

#MISP #ThreatIntel #ThreatIntelligence #IFIN

The Synthetic Exercise World Format provides fictional countries, companies, sectors, and threat actors with structured metadata for neutral CTI examples, exercises, interoperability tests, and standards documentation without referencing real-world sensitive entities.

I just released version 1.0.

#cti #opensource #misp #cybersecurity #threatintelligence #threatintel

🔗 GitHub - https://github.com/MISP/Synthetic-Exercise-World-Format

Drone and UAV Forensic

This repository is designed to accelerate the forensic analysis of DIY FPV drones and to help automate technical reporting from seized or recovered artifacts.

The goal is pragmatic: extract useful evidence faster, normalize outputs, and produce data that can be reused in reports or shared into investigative platforms such as MISP.

🔗 https://github.com/CIRCL/Drone-Forensic

#drone #uav #opensource #dfir #threatintelligence #threatintel #misp #digitalforensics

@circl
@misp

Some updates on the MISP Galaxy website:

https://www.misp-galaxy.org/mitre-fraud-framework/#

It now includes a matrix-like view of the galaxy for @misp

#misp #cti #threatintel #threatintelligence

⚙️ Technical Spotlight: New Session at BSides Luxembourg 2026

𝗟𝗜𝗚𝗛𝗧𝗡𝗜𝗡𝗚 𝗧𝗔𝗟𝗞: 𝗠𝗜𝗦𝗣 𝗪𝗢𝗥𝗞𝗕𝗘𝗡𝗖𝗛– Luciano Righetti

Lightning Talk (5 minutes)

Catch a sharp 5-minute lightning talk introducing MISP Workbench, a lightweight platform designed to bring fast, actionable threat intelligence directly to the frontlines. Built for edge deployments and threat hunters, this tool focuses on speed, accessibility, and enabling defenders to operate effectively even in constrained environments.

This session highlights how MISP Workbench enhances threat intelligence workflows, making it easier to collect, process, and act on data anytime, anywhere. A practical glimpse into modern, field-ready tooling for security teams looking to stay agile and responsive.

Luciano Righetti is a software engineer with a strong passion for cybersecurity, formerly contributing as a MISP core developer at CIRCL. His work focuses on building practical tools that support threat intelligence operations and strengthen Luxembourg’s cybersecurity ecosystem.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/
📲 Want to navigate the event easily? Check out the full schedule on Hacker Tracker:
https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #CyberSecurity #ThreatIntelligence #MISP #BlueTeam #OpenSource

Excited to share that the MITRE Fight Fraud Framework™ (F3) is now included in the default MISP galaxy and available across all MISP instances.

F3 is a curated knowledge base of tactics and techniques used by financial fraud actors, helping analysts structure, share, and enrich fraud-related intelligence more effectively.

A great step forward for the MISP community and for teams tracking financial fraud.

🔗 https://github.com/MISP/misp-galaxy

@misp
@circl

#misp #financialfraud #threatintel #threatintelligence #opensource
#financial