Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

tag icon THREAT OF THE MONTH
12 Jun 2026 09:21

RoguePlanet Exploits a Windows Zero-Day Through Defender’s Quarantine Pipeline

SOC Prime Bias: Critical

source icon

cyderes.com

10 Jul 2026 21:40

Impacket for Pentesters: Network Lateral Movement and Red Teaming

SOC Prime Bias: High

source icon

Hacking Articles

10 Jul 2026 21:34

Phishers Exploit Meta Business Account Manager

SOC Prime Bias: High

source icon

Huntress

10 Jul 2026 21:23

Impacket for Pentesters: Password Change Techniques

SOC Prime Bias: High

source icon

Hacking Articles

10 Jul 2026 21:16

CVE-2026-44963: Indicators of Veeam Backup Service Exploitation

SOC Prime Bias: Critical

source icon

GitHub

10 Jul 2026 21:09

UNC6692: Exploring the SNOW Malware Ecosystem

SOC Prime Bias: Critical

source icon

extrahop.com

08 Jul 2026 19:21

UAT-7810 continues building ORB networks using new malware

SOC Prime Bias: Critical

source icon

Cisco Talos Blog

08 Jul 2026 19:15

ClickFix to Cash-Out: Breaking Down a Mexican Banking Fraud Toolkit

SOC Prime Bias: High

source icon

elastic.co

08 Jul 2026 19:09

JADEPUFFER Uses Agentic Ransomware for Automated Database Extortion

SOC Prime Bias: Critical

source icon

sysdig.com

08 Jul 2026 19:01

Windows Service Published Through Administrator Access

SOC Prime Bias: High

source icon

Purple Team

07 Jul 2026 00:57

Mustang Panda Uses ZOHOMURK and MINIRECON Against India’s Government and Energy Sectors

SOC Prime Bias: High

source icon

Acronis