Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

05 Feb 2026 17:08

Is Babuk Back? Uncovering the Truth Behind Babuk Locker 2.0

SOC Prime Bias: High

picussecurity.com

05 Feb 2026 16:58

Infostealers without borders: macOS, Python stealers, and platform abuse

SOC Prime Bias: Medium

Microsoft Security Blog

04 Feb 2026 18:19

ESET Research DynoWiper update: Technical analysis and attribution

SOC Prime Bias: Critical

welivesecurity.com

04 Feb 2026 17:31

From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized

SOC Prime Bias: Critical

virustotal.com

04 Feb 2026 17:20

Inside a Multi-Stage Windows Malware Operation

SOC Prime Bias: High

Fortinet Blog

04 Feb 2026 17:07

Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence

SOC Prime Bias: Medium

Cyber Security News

04 Feb 2026 16:59

DE&TH to Vulnerabilities: Huntress Catches SmarterMail Account Takeover Leading to RCE

SOC Prime Bias: Critical

Huntress

03 Feb 2026 21:25

Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic

SOC Prime Bias: Medium

Sekoia.io Blog

03 Feb 2026 20:06

When Malware Strikes Back

SOC Prime Bias: Medium

Point Wild

03 Feb 2026 19:33

EncystPHP: Weaponized FreePBX Web Shell for Persistent Admin Compromise

SOC Prime Bias: Critical

Fortinet Blog