Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

29 Apr 2026 17:34

BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web3 Sector

SOC Prime Bias: Critical

source icon

Arctic Wolf

29 Apr 2026 17:27

New Malware SLOTAGENT Supporting BOF Execution Published

SOC Prime Bias: Medium

source icon

IIJ Security Diary

28 Apr 2026 18:51

The Month of Bypasses: What Defender Misses

SOC Prime Bias: Medium

source icon

PSI | Nemesis

28 Apr 2026 18:45

Crypto Drainers as a Converging Threat: Insights into Emerging Hybrid Attack Ecosystems

SOC Prime Bias: Medium

source icon

levelbluecyber

27 Apr 2026 18:22

Rebex-based Telegram RAT Targeting Vietnam

SOC Prime Bias: Medium

source icon

dmpdump

27 Apr 2026 18:17

Fake Document, Real Access: Foxit Impersonation Enables Stealth VNC Control

SOC Prime Bias: Medium

source icon

gdatasoftware.com

27 Apr 2026 18:12

Inside A Telegram Session Stealer: How A Pastebin-Hosted PowerShell Script Targets Desktop And Web Sessions

SOC Prime Bias: Medium

source icon

Flare

27 Apr 2026 18:06

Inside Vidar 2026: From Infection to Memory Execution

SOC Prime Bias: Medium

source icon

Point Wild

24 Apr 2026 18:24

ESET Research GopherWhisper: A burrow full of malware

SOC Prime Bias: Critical

source icon

welivesecurity.com

24 Apr 2026 18:19

Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting

SOC Prime Bias: Critical

source icon

The DFIR Report