Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

26 Jan 2026 22:08
PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups
SOC Prime Bias: Critical
Source: Trend Micro

26 Jan 2026 21:54
Safetica contains a kernel driver vulnerability
SOC Prime Bias: Critical
Source: Software Engineering Institute

26 Jan 2026 20:32
SOLYXIMMORTAL: PYTHON MALWARE ANALYSIS
SOC Prime Bias: Medium
Source: CYFIRMA

26 Jan 2026 20:10
When Malware Authors Troll Security Researchers
SOC Prime Bias: Medium
Source: profero.io

23 Jan 2026 18:03
Can You Overuse LOLBins to Deliver RAT Payloads?
SOC Prime Bias: Medium
Source: Malwarebytes

23 Jan 2026 17:15
UAT-8837 Targets Critical Infrastructure Across North America
SOC Prime Bias: Critical
Source: Cisco Talos Blog

22 Jan 2026 19:09
BigSquatRat npm Package Campaign Analysis
SOC Prime Bias: Critical
Source: kmsec.uk

22 Jan 2026 18:11
Operation Nomad Leopard: Targeted Spear-Phishing Campaign Against Government Entities in Afghanistan
SOC Prime Bias: Critical
Source: Seqrite

22 Jan 2026 17:57
How Threat Actors Are Weaponizing Microsoft Visual Studio Code
SOC Prime Bias: Critical
Source: jamfsoftware

21 Jan 2026 19:34
Dissecting CrashFix: KongTuke’s New Toy
SOC Prime Bias: Critical
Source: Huntress