Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

16 Apr 2026 15:04

ErrTraffic v3 Uses EtherHiding in ClickFix Campaigns

SOC Prime Bias: Medium

levelbluecyber

16 Apr 2026 14:58

UAC-0247 Targets Hospitals, Local Governments, and FPV Operators

SOC Prime Bias: Critical

cert.gov.ua

15 Apr 2026 17:47

Dragon Boss Leaves 25,000+ Endpoints Exposed

SOC Prime Bias: Critical

Huntress

15 Apr 2026 17:41

JanaWare Ransomware Targets Turkey via Adwind RAT

SOC Prime Bias: High

Acronis

14 Apr 2026 18:55

Fake Claude site installs malware that gives attackers access to your computer

SOC Prime Bias: Medium

Malwarebytes

14 Apr 2026 18:48

Obfuscated JavaScript at the Core of the Attack

SOC Prime Bias: Medium

SANS Internet Storm Center

14 Apr 2026 18:43

Phantom in the vault: Obsidian abused to deliver PhantomPulse RAT

SOC Prime Bias: Medium

elastic.co

14 Apr 2026 18:38

VIPERTUNNEL Python Backdoor: A Deep Dive

SOC Prime Bias: High

InfoGuard Labs

10 Apr 2026 16:57

In-Memory Loader Drops ScreenConnect

SOC Prime Bias: Medium

Multiple Vulnerabilities Found In ConnectWise ScreenConnect

10 Apr 2026 16:52

Silver Fox Wraps ValleyRAT in ZPAQ and a ByteDance Binary: A Telegram Chinese Language Pack MSI Lure

SOC Prime Bias: Critical

Breakglass Intelligence