Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

30 Dec 2025 16:40

UNG0801: Israel-Targeted Threat Activity Driven by AV Icon Spoofing

SOC Prime Bias: Critical

Seqrite

30 Dec 2025 16:29

Phishing Campaign Spoofs India’s Income Tax to Target Businesses

SOC Prime Bias: Medium

Seqrite

29 Dec 2025 12:55

Active Exploitation of Gladinet CentreStack/Triofox Insecure Cryptography Vulnerability

SOC Prime Bias: Critical

Huntress

29 Dec 2025 12:37

Trial, Error, and Typos: Why Some Malware Attacks Aren’t as ‘Sophisticated’ as You Think

SOC Prime Bias: Critical

Huntress

29 Dec 2025 11:37

HardBit 4.0: Ransomware Analysis and Key Findings

SOC Prime Bias: High

picussecurity.com

23 Dec 2025 13:56

Prince of Persia: A 10-Year Retrospective on Iranian APT Activity

SOC Prime Bias: Critical

SafeBreach

23 Dec 2025 13:38

GeoServer Under Attack: Malware Coin Miner Campaigns

SOC Prime Bias: Critical

ASEC

23 Dec 2025 13:26

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns

SOC Prime Bias: Critical

Cyble

18 Dec 2025 21:42

Phantom 3.5 – redential stealing malware delivered via a fake Adobe installer

SOC Prime Bias: Medium

K7 Labs

17 Dec 2025 17:33

The Detection & Response Chronicles: Exploring Telegram Abuse

SOC Prime Bias: Medium

NVISO Labs