Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

05 Dec 2025 16:35

CVE-2025-55182 and CVE-2025-66478: High-Fidelity Detection for RSC/Next.js RCE

SOC Prime Bias: Critical

Searchlight Cyber

04 Dec 2025 18:28

APT36 Deploys Python ELF Malware Against Indian Government Entities

SOC Prime Bias: Critical

CYFIRMA

04 Dec 2025 17:37

ValleyRAT Malware Targets Job Seekers, Abuses Foxit DLL Sideloading

SOC Prime Bias: Medium

Trend Micro

03 Dec 2025 20:12

Riddle Spider Avaddon Ransomware Analysis and Technical Overview

SOC Prime Bias: High

picussecurity.com

03 Dec 2025 19:02

Matanbuchus 3.0: Technical Analysis

SOC Prime Bias: High

Analysis of Rhadamanthy

02 Dec 2025 20:53

DIRTYBULK and Friends: USB Malware Fuelling Coinmining Ops

SOC Prime Bias: Medium

googlecloudcommunity.com

02 Dec 2025 18:54

Operation Hanoi Thief: Threat Actor Hits Vietnamese IT and Hiring Teams

SOC Prime Bias: Critical

Information Technology

01 Dec 2025 20:34

AWS GuardDuty Detector Disabled/Suspended – Threat Detection Rule Weekly #11-2025

SOC Prime Bias: Medium

suKTech24

01 Dec 2025 17:35

Play Ransomware Masquerades as SentinelOne in Grixba Recon Campaign

SOC Prime Bias: High

fieldeffectsoft

28 Nov 2025 18:53

Shai-Hulud: Widespread npm Supply Chain Attack

SOC Prime Bias: Critical

about.gitlab.com