Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

THREAT OF THE MONTH
25 Mar 2026 19:16

Iran Conflict Drives Surge in Espionage Activity Across Middle East Targets

SOC Prime Bias: Critical

Proofpoint

26 Mar 2026 16:24

T1547.004 in MITRE ATT&CK: Winlogon Helper Explained

SOC Prime Bias: High

picussecurity.com

26 Mar 2026 16:14

RegPhantom Backdoor: Threat Analysis and Detection Insights

SOC Prime Bias: Medium

nextron-systems.com

26 Mar 2026 16:07

Analyzing FAUX#ELEVATE: Threat Actors Target France with CV Lures to Deploy Crypto Miners and Infostealers Targeting Enterprise Environments

SOC Prime Bias: Medium

Securonix

26 Mar 2026 15:43

When Malware Talks Back: Real-Time Interaction with a Threat Actor During the Analysis of Kiss Loader

SOC Prime Bias: Medium

gdatasoftware.com

26 Mar 2026 15:16

GlassWorm Hides a RAT Inside a Malicious Chrome Extension

SOC Prime Bias: Critical

aikido.dev

25 Mar 2026 18:25

T1547.001 in MITRE ATT&CK: Registry Run Keys and Startup Folder Explained

SOC Prime Bias: Medium

picussecurity.com

25 Mar 2026 18:21

T1547.003 Time Providers in MITRE ATT&CK Explained

SOC Prime Bias: Critical

picussecurity.com

25 Mar 2026 17:36

That “job brief” on Google Forms could infect your device

SOC Prime Bias: Medium

Malwarebytes

25 Mar 2026 17:26

Tracing a Multi-Vector Malware Campaign: From VBS to Open Infrastructure

SOC Prime Bias: Medium

levelbluecyber

25 Mar 2026 17:18

From Invitation to Infection: How SILENTCONNECT Delivers ScreenConnect

SOC Prime Bias: Medium

elastic.co