Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

18 Jun 2026 17:32

ESET Research FishMonger’s arsenal upgraded: SprySOCKS for Windows

SOC Prime Bias: Critical

welivesecurity.com

18 Jun 2026 17:28

SloppyLemming Attack Techniques & BurrowShell Backdoor Explained

SOC Prime Bias: Critical

picussecurity.com

17 Jun 2026 16:09

Inside a Deno-Based Proxy and RAT

SOC Prime Bias: High

InfoGuard Labs

17 Jun 2026 16:03

Operation Poisson: Breaking Down an Entire Cybercriminal Operation

SOC Prime Bias: High

Cato Networks

17 Jun 2026 15:58

How a VHDX File Delivers Remcos RAT

SOC Prime Bias: High

SANS Internet Storm Center

17 Jun 2026 15:50

UNC1549 TTPs: Iranian APT Targeting Aerospace and Defense

SOC Prime Bias: Critical

picussecurity.com

16 Jun 2026 16:03

ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit

SOC Prime Bias: Critical

Google Cloud Blog

16 Jun 2026 15:58

Interlock and Rhysida: AI in the Ransomware Ecosystem

SOC Prime Bias: Critical

ibm.com

16 Jun 2026 15:54

OnyxC2: A New Stealer Targeting 210 Applications

SOC Prime Bias: High

BlackFog

16 Jun 2026 08:47

Analyzing SHEET#CREEP: The Malware Returns with New Config Obfuscation

SOC Prime Bias: Critical

Securonix