Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

26 Mar 2026 16:07

Analyzing FAUX#ELEVATE: Threat Actors Target France with CV Lures to Deploy Crypto Miners and Infostealers Targeting Enterprise Environments

SOC Prime Bias: Medium

Securonix

26 Mar 2026 15:43

When Malware Talks Back: Real-Time Interaction with a Threat Actor During the Analysis of Kiss Loader

SOC Prime Bias: Medium

gdatasoftware.com

26 Mar 2026 15:16

GlassWorm Hides a RAT Inside a Malicious Chrome Extension

SOC Prime Bias: Critical

aikido.dev

25 Mar 2026 19:16

Iran Conflict Drives Surge in Espionage Activity Across Middle East Targets

SOC Prime Bias: Critical

Proofpoint

25 Mar 2026 18:25

T1547.001 in MITRE ATT&CK: Registry Run Keys and Startup Folder Explained

SOC Prime Bias: Medium

picussecurity.com

25 Mar 2026 18:21

T1547.003 Time Providers in MITRE ATT&CK Explained

SOC Prime Bias: Critical

picussecurity.com

25 Mar 2026 17:36

That “job brief” on Google Forms could infect your device

SOC Prime Bias: Medium

Malwarebytes

25 Mar 2026 17:26

Tracing a Multi-Vector Malware Campaign: From VBS to Open Infrastructure

SOC Prime Bias: Medium

levelbluecyber

25 Mar 2026 17:18

From Invitation to Infection: How SILENTCONNECT Delivers ScreenConnect

SOC Prime Bias: Medium

elastic.co

24 Mar 2026 16:03

Winos 4.0 Malware Masquerading as a KakaoTalk Installer

SOC Prime Bias: Medium

ASEC