Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

08 Jan 2026 19:22

Cyberattack by group APT28 using malicious program CredoMap_v2 (CERT-UA#4622)

SOC Prime Bias: Critical

cert.gov.ua

06 Jan 2026 19:06

PHALT#BLYX Analysis: Fake BSODs and Trusted Build Tools in Malware Chains

SOC Prime Bias: Medium

Securonix

06 Jan 2026 18:50

From Code to Coverage (Part 2): The Whitespace Nightmare

SOC Prime Bias: Medium

Huntress

06 Jan 2026 18:29

A Series of Unfortunate (RMM) Events

SOC Prime Bias: Medium

Huntress

05 Jan 2026 19:10

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

SOC Prime Bias: Medium

The Hacker News

05 Jan 2026 18:57

APT36 : Multi-Stage LNK Malware Campaign Targeting Indian Government Entities

SOC Prime Bias: Critical

CYFIRMA

05 Jan 2026 17:56

Rogue ScreenConnect: Common Social Engineering Tactics We Saw in 2025

SOC Prime Bias: Medium

Huntress

30 Dec 2025 16:52

Silver Fox Targets India with Tax-Themed Phishing Lures

SOC Prime Bias: Critical

cloudsek.com

30 Dec 2025 16:40

UNG0801: Israel-Targeted Threat Activity Driven by AV Icon Spoofing

SOC Prime Bias: Critical

Seqrite

30 Dec 2025 16:29

Phishing Campaign Spoofs India’s Income Tax to Target Businesses

SOC Prime Bias: Medium

Seqrite