Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

24 Apr 2026 16:18

Fake Interview Lures Used by Void Dokkaebi to Spread Malware Through Git Repositories

SOC Prime Bias: Critical

Trend Micro

23 Apr 2026 17:11

Fake Trading Website Installs Malware That Hijacks Browsers

SOC Prime Bias: Medium

Malwarebytes

22 Apr 2026 18:58

Same packet, different magic: Mustang Panda hits India’s banking sector and Korea geopolitics

SOC Prime Bias: Critical

Acronis

22 Apr 2026 18:52

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

SOC Prime Bias: High

Rapid7

22 Apr 2026 18:47

macOS ClickFix Campaign: AppleScript Stealers & New Terminal Protections

SOC Prime Bias: Medium

Netskope

22 Apr 2026 18:41

Nightmare-Eclipse Moves from Public PoC to Real-World Attacks

SOC Prime Bias: Critical

Huntress

22 Apr 2026 18:36

Fake Google Antigravity Pages Steal User Accounts in Minutes

SOC Prime Bias: Critical

Malwarebytes

22 Apr 2026 08:32

Threat Advisory: Attackers Intensify Bomgar RMM Exploitation

SOC Prime Bias: Critical

Huntress

21 Apr 2026 18:30

CVE-2026-33829: Snipping Tool NTLM Leak

SOC Prime Bias: Critical

GitHub

21 Apr 2026 18:25

Remcos RAT Delivered Through a Deceptive Purchase Order

SOC Prime Bias: Medium

Hornetsecurity