Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

27 Apr 2026 18:17

Fake Document, Real Access: Foxit Impersonation Enables Stealth VNC Control

SOC Prime Bias: Medium

source icon

gdatasoftware.com

27 Apr 2026 18:12

Inside A Telegram Session Stealer: How A Pastebin-Hosted PowerShell Script Targets Desktop And Web Sessions

SOC Prime Bias: Medium

source icon

Flare

27 Apr 2026 18:06

Inside Vidar 2026: From Infection to Memory Execution

SOC Prime Bias: Medium

source icon

Point Wild

24 Apr 2026 18:24

ESET Research GopherWhisper: A burrow full of malware

SOC Prime Bias: Critical

source icon

welivesecurity.com

24 Apr 2026 18:19

Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting

SOC Prime Bias: Critical

source icon

The DFIR Report

24 Apr 2026 16:35

UNC6692 Deploys Custom Malware Through Social Engineering

SOC Prime Bias: Critical

source icon

Google Cloud Blog

24 Apr 2026 16:26

Analyzing a full ClickFix attack chain (part 1)

SOC Prime Bias: Medium

source icon

Stormshield

24 Apr 2026 16:18

Fake Interview Lures Used by Void Dokkaebi to Spread Malware Through Git Repositories

SOC Prime Bias: Critical

source icon

Trend Micro

23 Apr 2026 17:11

Fake Trading Website Installs Malware That Hijacks Browsers

SOC Prime Bias: Medium

source icon

Malwarebytes

22 Apr 2026 18:58

Same packet, different magic: Mustang Panda hits India’s banking sector and Korea geopolitics

SOC Prime Bias: Critical

source icon

Acronis