Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

22 Apr 2026 18:52

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

SOC Prime Bias: High

Rapid7

22 Apr 2026 18:47

macOS ClickFix Campaign: AppleScript Stealers & New Terminal Protections

SOC Prime Bias: Medium

Netskope

22 Apr 2026 18:41

Nightmare-Eclipse Moves from Public PoC to Real-World Attacks

SOC Prime Bias: Critical

Huntress

22 Apr 2026 18:36

Fake Google Antigravity Pages Steal User Accounts in Minutes

SOC Prime Bias: Critical

Malwarebytes

22 Apr 2026 08:32

Threat Advisory: Attackers Intensify Bomgar RMM Exploitation

SOC Prime Bias: Critical

Huntress

21 Apr 2026 18:30

CVE-2026-33829: Snipping Tool NTLM Leak

SOC Prime Bias: Critical

GitHub

21 Apr 2026 18:25

Remcos RAT Delivered Through a Deceptive Purchase Order

SOC Prime Bias: Medium

Hornetsecurity

21 Apr 2026 18:21

Your shipment has arrived email hides remote access software

SOC Prime Bias: Medium

Malwarebytes

21 Apr 2026 18:16

Not Just Annoying Ads: Adware Bundles Delivering Gh0st RAT

SOC Prime Bias: Medium

Splunk

21 Apr 2026 18:12

Lumma Stealer infection with Sectop RAT (ArechClient2)

SOC Prime Bias: Medium

SANS Internet Storm Center