Active Threats
Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.
ValleyRAT Malware Targets Job Seekers, Abuses Foxit DLL Sideloading
SOC Prime Bias: Medium
Trend Micro
Riddle Spider Avaddon Ransomware Analysis and Technical Overview
SOC Prime Bias: High
picussecurity.com
Matanbuchus 3.0: Technical Analysis
SOC Prime Bias: High
Analysis of Rhadamanthy
DIRTYBULK and Friends: USB Malware Fuelling Coinmining Ops
SOC Prime Bias: Medium
googlecloudcommunity.com
Operation Hanoi Thief: Threat Actor Hits Vietnamese IT and Hiring Teams
SOC Prime Bias: Critical
Information Technology
AWS GuardDuty Detector Disabled/Suspended – Threat Detection Rule Weekly #11-2025
SOC Prime Bias: Medium
suKTech24
Play Ransomware Masquerades as SentinelOne in Grixba Recon Campaign
SOC Prime Bias: High
fieldeffectsoft
Shai-Hulud: Widespread npm Supply Chain Attack
SOC Prime Bias: Critical
about.gitlab.com
DripLoader Malware: Shellcode Execution and Defense Evasion
SOC Prime Bias: Medium
coreycburton.com
Zscaler Threat Hunting Exposes and Reconstructs the Water Gamayun APT Campaign
SOC Prime Bias: Critical
The Hidden