Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.
04 Feb 2026 17:20
Inside a Multi-Stage Windows Malware Operation
SOC Prime Bias: High
Fortinet Blog

04 Feb 2026 17:07
Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence
SOC Prime Bias: Medium
Cyber Security News

04 Feb 2026 16:59
DE&TH to Vulnerabilities: Huntress Catches SmarterMail Account Takeover Leading to RCE
SOC Prime Bias: Critical
Huntress

03 Feb 2026 21:25
Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic
SOC Prime Bias: Medium
Sekoia.io Blog

03 Feb 2026 20:06
When Malware Strikes Back
SOC Prime Bias: Medium
Point Wild

03 Feb 2026 19:33
EncystPHP: Weaponized FreePBX Web Shell for Persistent Admin Compromise
SOC Prime Bias: Critical
Fortinet Blog

02 Feb 2026 14:44
UAC-0001 (APT28) Attacks Using CVE-2026-21509
SOC Prime Bias: Critical
cert.gov.ua

02 Feb 2026 14:31
Dissecting UAT-8099: New persistence mechanisms and regional focus
SOC Prime Bias: Critical
Cisco Talos Blog
02 Feb 2026 14:23
Exposed Open Directory Leaks a Full BYOB Deployment Across Windows, Linux, and macOS