Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

14 Apr 2026 18:38

VIPERTUNNEL Python Backdoor: A Deep Dive

SOC Prime Bias: High

InfoGuard Labs

10 Apr 2026 16:57

In-Memory Loader Drops ScreenConnect

SOC Prime Bias: Medium

Multiple Vulnerabilities Found In ConnectWise ScreenConnect

10 Apr 2026 16:52

Silver Fox Wraps ValleyRAT in ZPAQ and a ByteDance Binary: A Telegram Chinese Language Pack MSI Lure

SOC Prime Bias: Critical

Breakglass Intelligence

10 Apr 2026 16:43

Fake Windows Support Site Delivers Password-Stealing Malware

SOC Prime Bias: Medium

Malwarebytes

09 Apr 2026 18:30

ClickFix to MaaS: Inside a Modular Windows RAT and Its Control Panel

SOC Prime Bias: Medium

Netskope

09 Apr 2026 18:22

Remus: Unpacking the 64-bit Evolution of the Lumma Stealer

SOC Prime Bias: Medium

GenThreatLabs

09 Apr 2026 18:14

New Whitepaper: BPFDoor Variants Hide in Plain Sight

SOC Prime Bias: Critical

Rapid7

09 Apr 2026 18:09

NightSpire Ransomware Evolves: Updated Techniques and Detection Tips

SOC Prime Bias: High

Huntress

09 Apr 2026 17:59

DesckVB RAT Analysis: From JavaScript Loader to Fileless .NET RAT

SOC Prime Bias: Medium

Point Wild

09 Apr 2026 17:52

ChainShell: MuddyWater & Russian MaaS

SOC Prime Bias: Critical

JUMPSEC