Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

THREAT OF THE MONTH
28 Nov 2025 18:53

Shai-Hulud: Widespread npm Supply Chain Attack

SOC Prime Bias: Critical

about.gitlab.com

23 Dec 2025 13:56

Prince of Persia: A 10-Year Retrospective on Iranian APT Activity

SOC Prime Bias: Critical

SafeBreach

23 Dec 2025 13:38

GeoServer Under Attack: Malware Coin Miner Campaigns

SOC Prime Bias: Critical

ASEC

23 Dec 2025 13:26

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns

SOC Prime Bias: Critical

Cyble

18 Dec 2025 21:42

Phantom 3.5 – Credential stealing malware delivered via a fake Adobe installer

SOC Prime Bias: Medium

K7 Labs

17 Dec 2025 17:33

The Detection & Response Chronicles: Exploring Telegram Abuse

SOC Prime Bias: Medium

NVISO Labs

17 Dec 2025 17:04

BlindEagle Targets Colombian Government Agency with Caminho and DCRAT

SOC Prime Bias: Critical

BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar

17 Dec 2025 16:49

FunkSec RaaS Operations: Blending Hacktivism and Cybercrime

SOC Prime Bias: High

picussecurity.com

16 Dec 2025 20:43

ClickFix Case Study: DarkGate Malware

SOC Prime Bias: Medium

Point Wild

16 Dec 2025 19:55

Browser Hijacking: Analysis of Three Techniques

SOC Prime Bias: Medium

gdatasoftware.com

16 Dec 2025 19:22

APT15 Cyber Espionage: Campaigns and TTPs Analysis

SOC Prime Bias: Critical

picussecurity.com