uk-osint.net 🇪🇺🇵🇸🇺🇦🏳️‍🌈🏳️‍⚧️

Companies House has put out a statement confirming that, for five months, every company in the UK was vulnerable to the simple exploit we identified on Friday. It enabled anyone in the world to view and change their company details.

the Google Reviews, then a persons Reviews are being limited just to the more recent ones & now Maps are not showing on the Google page, even when searching an address. All still showing in full when I'm using browser I am signed in, so not the end of the world but just annoying

Noticed that Google is being really annoying lately, lots of things no longer showing on a Google search, unless you sign-in. I know I can just sign-in under one of my fake name accounts, but its just annoying. I recently noticed photos from businesses have not been showing on

Using TOR and VPNs can shield your IP address, but they won't mask your browser fingerprint. Over 50 different variables quietly track and identify you online. Achieving true anonymity is more challenging than you might realize. hackers-arise.com/is-tor-safe-an… @three_cube

🔎 OSINT in Unexpected Places Join the UK OSINT Community at @KingsCollegeLon for an evening exploring how OSINT is used across counter-extremism, communications, regulation, and academia. 🎤 Rebecca Visser 🎤 Alex Gilmore 🎤 Adrian Flasher (@TPRgovuk) 🎤 @hrgwilson1 🍷 Event sponsored by @MaltegoHQ 📅 12 May | 18:00 🎟️ luma.com/oxyj021z

Courts have gotten IP geolocation wrong. An IP address is not a GPS coordinate. It resolves to network infrastructure, not a person's location. People have had their homes raided over this misunderstanding. Our free IP Lookup report explains exactly what the data means and what it doesn't. Digitally signed, SHA-256 hashed, built for disclosure.

🧢 At the UK OSINT Community event on Wednesday, we gave out 300+ beanies and sticker packs. Did you get one? Drop a photo of your UK OSINT Community beanie or stickers below 👇 🇬🇧 ❤️

I left my office again the other day, to go to London to meet up with some of the people in the UK OSINT Community, it is always good to chat to others about OSINT, so thanks to Nathaniel & Lindsay of @OSINT_Community for arranging it all

🇷🇺 Russian embassies are leaking more than they realise. An OSINT investigation analysed 324 diplomatic email addresses used by Russian embassies worldwide. The results reveal a huge digital footprint across the internet. 👇 osint.industries/project/russia…

adding more of an explanation on using these sites, for those that were slightly unsure of the benefit of using them when conducting OSINT research on a subject

We have updated the Hacked / Breached Account Research Sites & Links page on our OSINT / i3 website at uk-osint.net/hackedaccounts… with some more details and links,

Last night, @osmosiscon and the UK OSINT Community joined forces to bring together 300+ professionals to Oxford Street. For 5 hours, the community forged new relationships, strengthened partnerships and discussed the future. Together we see more 🇬🇧

Social Media ID Cheatsheet Practical guides to finding the user profile IDs (Instagram, Threads, TikTok, X) using page source code & OSINT tools. github.com/ravenastar-js/… #socmint

JUST IN: Meta sold 7 million Ray-Ban smart glasses in 2025 alone. Workers in Kenya are watching the footage. Not metadata. Not anonymized clips. The actual videos. People undressing. People in bathrooms. People having sex. Bank cards. Medical documents. The blurring is supposed to protect privacy. It fails constantly. The contractors see everything. Here is the part that should stop you cold: You did not buy the glasses. You did not agree to the terms of service. You did not consent to anything. But if someone wearing Meta glasses walks into your bedroom, your bathroom, your doctor's office, your home, a contractor on the other side of the world may be watching you right now. The person wearing the glasses consented. Everyone else in the room did not. Meta's defense is that this is all disclosed in the privacy policy. They are technically correct. Buried in language so dense that 99% of users never read it. And even if they did, it would not matter, because the terms govern the wearer's data. Not yours. You are not a party to the contract. You are the product being annotated. Millions of AI-enabled cameras walking around in public. Recording constantly. Uploading to servers. Reviewed by humans earning a few dollars an hour to label your most intimate moments so the algorithm gets smarter. This is not a bug. This is the business model. The EU is already asking questions. MEPs submitted formal inquiries to the Commission this week demanding answers on GDPR compliance. The problem is obvious: European data protection law requires consent from data subjects. Bystanders are data subjects. Bystanders never consented. The entire architecture violates the regulation by design. Meta's response has been silence and a reference to terms of service that do not apply to the people actually being filmed. Google Glass died because people called the wearers "Glassholes" and banned them from bars. Meta solved the social problem by making the glasses look normal. They did not solve the privacy problem. They hid it. Seven million units sold in 2025. The installed base is accelerating. Every unit is a potential surveillance node operated by someone who may not understand what they are feeding into the system and reviewed by contractors who see everything the algorithm cannot process. The question is not whether this becomes a scandal. The question is whether the scandal arrives before or after the glasses are on 50 million faces. Watch the EU. If Brussels moves on GDPR enforcement, Meta faces a choice: disable human review in Europe and cripple the AI training pipeline, or accept fines that could reach billions. Neither outcome is priced into the stock. The glasses are selling faster than ever. The contractors keep watching. And somewhere right now, someone you have never met is looking at footage of you that you never knew existed.

That long number in an X post URL? It's a Snowflake ID. It encodes the exact date and time the post was created. Even if the post is deleted, the URL tells you when it was published. Our free Timestamp Decoder instantly extracts it. But paste in the page source code, and it goes deeper. One Facebook page returned 853 hidden timestamps across the source. Server times, creation dates, and authentication tokens. Dates that never appear on screen. 100% client-side. Nothing leaves your browser.

We just released a free OSINT toolkit for investigators. IP Lookup (VPN/proxy detection + court-ready PDF) Username Search (600+ sites) Domain-to-IP with security scoring Email Header Analyzer Image EXIF Reader Timestamp Decoder Try instantly. Free account for ongoing access. No search data tracked.

Anyone else noticing this? X’s geocode:lat,lon,radius (tweets-by-location) search seems to have stopped working since 25 Feb 2026. #OSINT #Xsearch #SocialMediaMonitoring

📍 IMPORTANT! Venue Update: UK OSINT Community Evening Social – 4 March We’ve upgraded to Market Halls Oxford Street. Bigger space = everyone on the waitlist is now accepted ✅ Please share so no one turns up at the wrong place. Spots are open again, join the waitlist now 👇

🚨 Monitoring the Situation Report While parts of the world are monitoring missile launches, we are monitoring something far more immediate: BrewDog closing all bars for a day during its sale process 🍺 With our event scheduled there in two days, open-source collection is ongoing, sources are being validated, and contingency planning is complete 🕵️‍♂️ We have a confirmed backup venue ready if required.

Agents & Robotics HackXelerator AR26 kxsb.org/ar26