The Risk Letters

Every brief includes

01 Actively exploited vulnerabilities — every CISA KEV addition with exploitation context, remediation deadlines, and specific patch links.
02 Threat actor profiles — who's active, what they're targeting, TTPs mapped to MITRE ATT&CK, and IOC counts you can ingest today.
03 Cross-feed signal correlation — we connect dots that individual sources can't see: a CVE trending in exploitation probability + a threat pulse about a known actor = a signal that demands attention now.
04 Inline recommendations — not "patch your systems" — but which patch, which system, and by when.
05 Geographic threat intelligence — malicious IP hotspots, actor targeting patterns by region, and country-level risk context.

How it works

We collect

Every 24 hours, our pipeline pulls fresh vulnerability disclosures, exploit predictions, threat actor campaigns, and malicious infrastructure data.

We correlate

Raw feeds become intelligence when you cross-reference them. A CVE with rising exploitation probability mentioned in a threat pulse — that's a signal, not noise.

You act

Every threat comes with specific recommendations: which patch, which system, by when. Your morning brief becomes your team's daily action list.

Start your morning informed

No noise, no recycled press releases — just cross-correlated signals with specific recommendations you can act on today. Delivered 07:00 CET.

Researcher

Free

For researchers, students, academics, and non-profits.

+ Daily intelligence brief
+ CVE & KEV coverage
+ Threat actor tracking
+ Full archive access

Subscribe free

Commercial use

Business

9 EUR/month

For companies and commercial security teams.

+ Everything in Free
+ Commercial license
+ Team sharing permitted
+ Priority support

Start Business plan

From the makers of

The Risk Letters is powered by Risk Signal

The same intelligence engine behind this newsletter also powers Risk Signal — a predictive cyber risk platform currently being built — for security teams that need more than a daily email.

Continuous monitoring

Real-time correlation, not just daily snapshots. Alerts when new signals match your asset inventory.

Predictive risk scoring

Bayesian models that predict which vulnerabilities will be exploited before they're confirmed.

Vendor risk intelligence

Map third-party vendors to CVEs, actors, and exploitation scores. Know your supply chain exposure.

NIS2 compliance

Automated evidence collection and reporting for NIS2 Article 21 risk management requirements.

Risk Signal is scheduled for release in late 2026.