Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.
THREAT OF THE MONTH
12 Jun 2026 09:21
RoguePlanet Exploits a Windows Zero-Day Through Defender’s Quarantine Pipeline
SOC Prime Bias:
Critical
cyderes.com
10 Jul 2026 21:40
Impacket for Pentesters: Network Lateral Movement and Red Teaming
SOC Prime Bias:
High
Hacking Articles
10 Jul 2026 21:34
Phishers Exploit Meta Business Account Manager
SOC Prime Bias:
High
Huntress
10 Jul 2026 21:23
Impacket for Pentesters: Password Change Techniques
SOC Prime Bias:
High
Hacking Articles
10 Jul 2026 21:16
CVE-2026-44963: Indicators of Veeam Backup Service Exploitation
SOC Prime Bias:
Critical
GitHub
10 Jul 2026 21:09
UNC6692: Exploring the SNOW Malware Ecosystem
SOC Prime Bias:
Critical
extrahop.com
08 Jul 2026 19:21
UAT-7810 continues building ORB networks using new malware
SOC Prime Bias:
Critical
Cisco Talos Blog
08 Jul 2026 19:15
ClickFix to Cash-Out: Breaking Down a Mexican Banking Fraud Toolkit
SOC Prime Bias:
High
elastic.co
08 Jul 2026 19:09
JADEPUFFER Uses Agentic Ransomware for Automated Database Extortion
SOC Prime Bias:
Critical
sysdig.com
08 Jul 2026 19:01
Windows Service Published Through Administrator Access
SOC Prime Bias:
High
Purple Team
07 Jul 2026 00:57
Mustang Panda Uses ZOHOMURK and MINIRECON Against India’s Government and Energy Sectors