Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

08 Jun 2026 22:33

GammaSteel: Inside Gamaredon’s Unfolding Malware Chain

SOC Prime Bias: Critical

Sekoia.io Blog

05 Jun 2026 18:49

The Evil MSI Background Returns

SOC Prime Bias: Medium

SANS Internet Storm Center

05 Jun 2026 18:45

Miasma Supply Chain Attack Spreads Through the Phantom Gyp Worm

SOC Prime Bias: Critical

stepsecurity.io

05 Jun 2026 18:40

C0XMO: A New Gafgyt Variant with Cross-Platform Propagation

SOC Prime Bias: Critical

Fortinet Blog

05 Jun 2026 18:31

Nimbus RAT Delivered Through Microsoft Teams and Google Drive

SOC Prime Bias: Medium

eSentire

04 Jun 2026 18:18

TA4922: The Suspected Chinese Crime Group is Going Global

SOC Prime Bias: Medium

Proofpoint

04 Jun 2026 18:13

The Demon Arrives Later: A Havoc Stager Hides Behind Microsoft Defender DLP

SOC Prime Bias: Medium

levelbluecyber

04 Jun 2026 18:08

From Malspam to DesckVB RAT Deployment

SOC Prime Bias: Medium

Huntress

04 Jun 2026 17:59

Fake BlueWallet steals passwords, accounts, and crypto from Macs

SOC Prime Bias: Medium

Malwarebytes

04 Jun 2026 17:54

APT28 PixyNetLoader Evolution from 2024 to 2026

SOC Prime Bias: Critical

exatrack.com