Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

12 May 2026 18:13

OPERATION SILENTCANVAS: JPEG BASED MULTISTAGE POWERSHELL INTRUSION

SOC Prime Bias: Critical

CYFIRMA

12 May 2026 18:04

Shub Stealer Infection Notice for macOS

SOC Prime Bias: Medium

malware-traffic-analysis.net

11 May 2026 17:48

OpenClaw’s Hologram Delivers a Fake Installer and Rust Infostealer

SOC Prime Bias: Medium

Netskope

11 May 2026 17:40

Dirty Frag Linux Flaw Raises Post-Compromise Risk

SOC Prime Bias: Critical

Microsoft Security Blog

08 May 2026 18:45

AMOS Stealer Targets macOS Through “Cracked” Apps

SOC Prime Bias: Medium

Trend Micro

08 May 2026 18:40

Operation GriefLure: Dissecting an APT Campaign Targeting Vietnam’s Military Telecom & Philippine Healthcare

SOC Prime Bias: Critical

Seqrite

08 May 2026 18:33

NWHStealer Spread Through Bun JavaScript Runtime

SOC Prime Bias: Medium

Malwarebytes

08 May 2026 18:29

TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook

SOC Prime Bias: Medium

elastic.co

07 May 2026 18:58

Salat Stealer Analysis Go Based RAT C2 Resilience and Info Stealing Capabilities

SOC Prime Bias: Medium

darkatlas.io

07 May 2026 18:54

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

SOC Prime Bias: Critical

The Hacker News