Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

THREAT OF THE MONTH
12 Jun 2026 09:21

RoguePlanet Exploits a Windows Zero-Day Through Defender’s Quarantine Pipeline

SOC Prime Bias: Critical

cyderes.com

22 Jun 2026 22:55

Killing Me Gently: Inside Gentlemen’s EDR Killer Framework

SOC Prime Bias: Critical

welivesecurity.com

22 Jun 2026 22:48

OceanLotus (APT32) Explained: Tactics, Malware, and TTPs

SOC Prime Bias: Critical

picussecurity.com

22 Jun 2026 22:43

Prinz Eugen Ransomware: A Deep Dive into a New Go-Based Encryptor

SOC Prime Bias: Critical

ThreatDown by Malwarebytes

22 Jun 2026 16:09

ClickFix Campaign Generated Via AI Delivers SmartRAT

SOC Prime Bias: High

zscaler.com

22 Jun 2026 16:04

From Emerging Threat to Leading Ransomware-as-a-Service: The Evolution of INC Ransomware

SOC Prime Bias: Critical

Acronis

19 Jun 2026 10:55

Malware à la Mode: Inside Dropping Elephant’s Loader Chain

SOC Prime Bias: Critical

Rapid7

19 Jun 2026 10:48

Showboat Malware Targets Middle East Telecom Firms Since 2022

SOC Prime Bias: High

picussecurity.com

19 Jun 2026 10:36

ErrTraffic: Inside a Growing ClickFix Malware Distribution Framework

SOC Prime Bias: High

Sekoia.io Blog

19 Jun 2026 10:31

Akira, LimeWire, and the Sour Taste of Data Exfiltration

SOC Prime Bias: High

Huntress

19 Jun 2026 10:26

What Was Really Inside the Shortcut File Disguised as a Privacy Consent Form?

SOC Prime Bias: High

ASEC