Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

29 Jun 2026 10:25

CVE-2026-33017 Cryptominer Campaign: From Langflow to Monero

SOC Prime Bias: Critical

source icon

Trend Micro

29 Jun 2026 09:42

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

SOC Prime Bias: High

source icon

Microsoft Security Blog

29 Jun 2026 09:14

STOCKSTAY Another Day: The Latest Addition to Turla’s Intelligence Gathering Apparatus

SOC Prime Bias: Critical

source icon

Google Cloud Blog

29 Jun 2026 09:08

Microsoft Teams-Themed Phishing Campaign Delivers Remote Access

SOC Prime Bias: High

source icon

CYFIRMA

25 Jun 2026 22:22

Agent Tesla Malware Analysis: Inside the .NET RAT’s Data Theft Capabilities

SOC Prime Bias: High

source icon

picussecurity.com

25 Jun 2026 18:47

GhostShell (MB-0009): Targeting Ukraine’s UAV Operations and Defense Supply Chain

SOC Prime Bias: High

source icon

Synaptic Security Blog

25 Jun 2026 18:41

PostCSS Masquerading as a Path to Windows RAT Delivery

SOC Prime Bias: High

source icon

JFrog Security Research

24 Jun 2026 22:37

PureRAT Variant Discovered in AI Video Player

SOC Prime Bias: High

source icon

lukeacha.com

24 Jun 2026 21:35

SilverFox-Style Loader Chain Uses Panasonic Shells, Alibaba OSS, and Sauron

SOC Prime Bias: High

source icon

Derp

24 Jun 2026 18:55

Handala Threat Group: Tactics, Targets, and Attack Timeline

SOC Prime Bias: Critical

source icon

picussecurity.com