Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

05 Jun 2026 18:31

Nimbus RAT Delivered Through Microsoft Teams and Google Drive

SOC Prime Bias: Medium

source icon

eSentire

04 Jun 2026 18:18

TA4922: The Suspected Chinese Crime Group is Going Global

SOC Prime Bias: Medium

source icon

Proofpoint

04 Jun 2026 18:13

The Demon Arrives Later: A Havoc Stager Hides Behind Microsoft Defender DLP

SOC Prime Bias: Medium

source icon

levelbluecyber

04 Jun 2026 18:08

From Malspam to DesckVB RAT Deployment

SOC Prime Bias: Medium

source icon

Huntress

04 Jun 2026 17:59

Fake BlueWallet steals passwords, accounts, and crypto from Macs

SOC Prime Bias: Medium

source icon

Malwarebytes

04 Jun 2026 17:54

APT28 PixyNetLoader Evolution from 2024 to 2026

SOC Prime Bias: Critical

source icon

exatrack.com

03 Jun 2026 19:38

Gentlemen Ransomware Emulation Explained

SOC Prime Bias: High

source icon

AttackIQ

03 Jun 2026 19:31

Iran’s Cyber Paradox: Degraded APTs, Rising Proxies, and Bootkit Wipers

SOC Prime Bias: Critical

source icon

anomali.com

03 Jun 2026 19:24

MicrosoftSystem64: A Supply Chain RAT Exfiltrating Data to Hugging Face

SOC Prime Bias: Critical

source icon

SafeDep

03 Jun 2026 19:19

DriveSurge Uses ClickFix and Fake Update Drive-By Attacks at Scale

SOC Prime Bias: Medium

source icon

Silent Push