Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

12 Jun 2026 09:05

JDY Botnet Growth Enables Faster Exploitation of IoT and SOHO Flaws

SOC Prime Bias: Critical

lumen.com

10 Jun 2026 23:37

Technical Analysis of MLTBackdoor

SOC Prime Bias: High

zscaler.com

10 Jun 2026 23:31

PoisonX Driver-Based Attack Campaign Targets Japanese Organizations

SOC Prime Bias: Critical

株式会社ラック

09 Jun 2026 16:04

From Fake Amazon Security Alert to HarborWatch Agent Delivery

SOC Prime Bias: Medium

cofense.com

09 Jun 2026 15:43

STX RAT Supply Chain Attack Hits Wallets and X-VPN

SOC Prime Bias: Critical

Sekoia.io Blog

09 Jun 2026 15:31

From Crypto Wallets to a 100M-User VPN: Inside an Active STX RAT Supply Chain Campaign

SOC Prime Bias: Critical

cyderes.com

09 Jun 2026 15:25

Seeking Counsel: Ongoing Targeted Attacks Against US Law Firms

SOC Prime Bias: High

Google Cloud Blog

08 Jun 2026 22:55

AI-Powered Roblox Cheats Deliver the Yuta/Solara Stealer

SOC Prime Bias: Medium

Derp

08 Jun 2026 22:48

PulseRAT Delivered Through a UAE-India Partnership Lure

SOC Prime Bias: Critical

dmpdump

08 Jun 2026 22:43

Preinstall to Persistence: Inside the Red Hat npm Miasma Credential-Theft Campaign

SOC Prime Bias: Critical

Microsoft Security Blog