Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

18 May 2026 21:20

Hunting Chinese APTs Abusing Native Windows Tools

SOC Prime Bias: Critical

hackers-arise.com

15 May 2026 16:51

FrostyNeighbor: Fresh Mischief and Digital Threats

SOC Prime Bias: Critical

welivesecurity.com

15 May 2026 16:38

Active Supply Chain Attack Compromises node-ipc Package

SOC Prime Bias: Critical

Socket

15 May 2026 16:24

Dissecting a ModeloRAT Campaign from Teams Phishing to Domain Compromise

SOC Prime Bias: Critical

Rapid7

15 May 2026 15:49

FamousSparrow Targets Azerbaijan’s Oil and Gas Sector

SOC Prime Bias: Critical

Bitdefender Blog

14 May 2026 15:37

ClickFix Evolves with PySoxy Proxying

SOC Prime Bias: Critical

ReliaQuest

14 May 2026 15:30

Shai-Hulud: Here We Go Again – Worm by TeamPCP Hits NPM and PyPI

SOC Prime Bias: Critical

JFrog Security Research

14 May 2026 15:27

Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign

SOC Prime Bias: Critical

co.kr

14 May 2026 15:19

Gamaredon Uses Spoofed Emails, GammaDrop, and GammaLoad

SOC Prime Bias: Critical

HarfangLab

13 May 2026 22:13

Malware Found in Trending Hugging Face Repository

SOC Prime Bias: Critical

hiddenlayer.com