Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

08 Jul 2026 19:01

Windows Service Published Through Administrator Access

SOC Prime Bias: High

source icon

Purple Team

07 Jul 2026 00:57

Mustang Panda Uses ZOHOMURK and MINIRECON Against India’s Government and Energy Sectors

SOC Prime Bias: High

source icon

Acronis

07 Jul 2026 00:51

Anatomy of an Attack: VIPERTUNNEL

SOC Prime Bias: High

source icon

extrahop.com

04 Jul 2026 10:08

Tracking the Defence Impairment Olympics

SOC Prime Bias: Critical

source icon

Huntress

04 Jul 2026 10:02

ADWS and the Hidden Path to Active Directory Enumeration

SOC Prime Bias: Medium

source icon

root@j0su

04 Jul 2026 09:57

Quick Assist Full Control Mode Enabled

SOC Prime Bias: Medium

source icon

GitHub

02 Jul 2026 09:46

StrikeShark Campaign Delivers Cobalt Strike Through SharkLoader

SOC Prime Bias: High

source icon

Securelist

02 Jul 2026 09:38

UAC-0226 Tooling Evolution from WinRAR ADS to Reflective GIFTEDCROOK Loading

SOC Prime Bias: High

source icon

Synaptic Security Blog

01 Jul 2026 12:43

SQL Brute Force Opens the Door to BlueSky Ransomware

SOC Prime Bias: Critical

source icon

The DFIR Report

01 Jul 2026 12:23

Operation DragonReturn: China-Nexus Espionage Targeting India’s Tax Infrastructure

SOC Prime Bias: Critical

source icon

Seqrite Labs