Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

24 Jun 2026 18:50

Someone’s Hands Are on Your Keyboard Then Your Whole Network. Courtesy of ClickFix, Potemkin, RMMProject and EtherRAT

SOC Prime Bias: Critical

source icon

Huntress

24 Jun 2026 18:40

macOS ClickFix Lures Deploy an AppleScript Stealer and Persistent RAT

SOC Prime Bias: Critical

source icon

Netskope

24 Jun 2026 09:53

How Sinobi Ransomware Encrypts Files and Destroys Backups

SOC Prime Bias: Critical

source icon

picussecurity.com

24 Jun 2026 09:40

A Multi-Stage Steganographic Loader Campaign Deploying Diverse Payloads Worldwide

SOC Prime Bias: High

source icon

K7 Labs

24 Jun 2026 09:30

Weaponized RAR Archives Used to Target Thailand’s Healthcare Sector

SOC Prime Bias: High

source icon

Seqrite Labs

22 Jun 2026 22:55

Killing Me Gently: Inside Gentlemen’s EDR Killer Framework

SOC Prime Bias: Critical

source icon

welivesecurity.com

22 Jun 2026 22:48

OceanLotus (APT32) Explained: Tactics, Malware, and TTPs

SOC Prime Bias: Critical

source icon

picussecurity.com

22 Jun 2026 22:43

Prinz Eugen Ransomware: A Deep Dive into a New Go-Based Encryptor

SOC Prime Bias: Critical

source icon

ThreatDown by Malwarebytes

22 Jun 2026 16:09

ClickFix Campaign Generated Via AI Delivers SmartRAT

SOC Prime Bias: High

source icon

zscaler.com

22 Jun 2026 16:04

From Emerging Threat to Leading Ransomware-as-a-Service: The Evolution of INC Ransomware

SOC Prime Bias: Critical

source icon

Acronis