Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

16 Apr 2026 17:01

From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

SOC Prime Bias: Medium

Malwarebytes

16 Apr 2026 16:46

North Korea’s Safari Campaign Delivers RATs

SOC Prime Bias: Medium

bitso.com

16 Apr 2026 15:14

Threat Actors Misuse n8n to Automate AI-Driven Attacks

SOC Prime Bias: Medium

Cisco Talos Blog

16 Apr 2026 15:04

ErrTraffic v3 Uses EtherHiding in ClickFix Campaigns

SOC Prime Bias: Medium

levelbluecyber

16 Apr 2026 14:58

UAC-0247 Targets Hospitals, Local Governments, and FPV Operators

SOC Prime Bias: Critical

cert.gov.ua

15 Apr 2026 17:47

Dragon Boss Leaves 25,000+ Endpoints Exposed

SOC Prime Bias: Critical

Huntress

15 Apr 2026 17:41

JanaWare Ransomware Targets Turkey via Adwind RAT

SOC Prime Bias: High

Acronis

14 Apr 2026 18:55

Fake Claude site installs malware that gives attackers access to your computer

SOC Prime Bias: Medium

Malwarebytes

14 Apr 2026 18:48

Obfuscated JavaScript at the Core of the Attack

SOC Prime Bias: Medium

SANS Internet Storm Center

14 Apr 2026 18:43

Phantom in the vault: Obsidian abused to deliver PhantomPulse RAT

SOC Prime Bias: Medium

elastic.co