Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

19 Jan 2026 18:57

Free Converter Software – Convert Any System from Clean to Infected in Seconds

SOC Prime Bias: Medium

source icon

nextron-systems.com

19 Jan 2026 18:45

DeadLock: Ransomware Gang Uses Smart Contracts to Mask Its Work

SOC Prime Bias: High

source icon

TheRegister

16 Jan 2026 16:42

LOTUSLITE Campaign: Targeted Espionage Driven by Geopolitical Narratives

SOC Prime Bias: Critical

source icon

Acronis

16 Jan 2026 16:25

How real software downloads can hide remote backdoors

SOC Prime Bias: Critical

source icon

Malwarebytes

16 Jan 2026 16:13

Prince of Persia APT Analysis: Infy, Foudre, and Tonnerre Malware

SOC Prime Bias: Critical

source icon

picussecurity.com

15 Jan 2026 19:13

“Unreliable Fund”: Targeted cyberattacks UAC-0190 against Ukrainian Defense Forces using PLUGGYAPE

SOC Prime Bias: Critical

source icon

cert.gov.ua

15 Jan 2026 18:51

SHADOW#REACTOR – TEXT-ONLY STAGING, .NET REACTOR, AND IN-MEMORY REMCOS RAT DEPLOYMENT

SOC Prime Bias: Medium

source icon

Securonix

15 Jan 2026 18:39

Gamaredon: Abusing BITS for “Windows Update”-Style Malware Delivery

SOC Prime Bias: Critical

source icon

Synaptic Security Blog

14 Jan 2026 19:49

Inside SafePay: Analyzing the New Centralized Ransomware Group

SOC Prime Bias: High

source icon

picussecurity.com

14 Jan 2026 19:37

Hunting Lazarus: Inside the Contagious Interview C2 Infrastructure

SOC Prime Bias: Critical

source icon

Red Asgard