Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

28 Apr 2026 18:51

The Month of Bypasses: What Defender Misses

SOC Prime Bias: Medium

PSI | Nemesis

28 Apr 2026 18:45

Crypto Drainers as a Converging Threat: Insights into Emerging Hybrid Attack Ecosystems

SOC Prime Bias: Medium

levelbluecyber

27 Apr 2026 18:22

Rebex-based Telegram RAT Targeting Vietnam

SOC Prime Bias: Medium

dmpdump

27 Apr 2026 18:17

Fake Document, Real Access: Foxit Impersonation Enables Stealth VNC Control

SOC Prime Bias: Medium

gdatasoftware.com

27 Apr 2026 18:12

Inside A Telegram Session Stealer: How A Pastebin-Hosted PowerShell Script Targets Desktop And Web Sessions

SOC Prime Bias: Medium

Flare

27 Apr 2026 18:06

Inside Vidar 2026: From Infection to Memory Execution

SOC Prime Bias: Medium

Point Wild

24 Apr 2026 18:24

ESET Research GopherWhisper: A burrow full of malware

SOC Prime Bias: Critical

welivesecurity.com

24 Apr 2026 18:19

Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting

SOC Prime Bias: Critical

The DFIR Report

24 Apr 2026 16:35

UNC6692 Deploys Custom Malware Through Social Engineering

SOC Prime Bias: Critical

Google Cloud Blog

24 Apr 2026 16:26

Analyzing a full ClickFix attack chain (part 1)

SOC Prime Bias: Medium

Stormshield