Active Threats

Explore the latest active threats being deployed by malicious actors as of Q4 2025. Each report may offer attack flows, actionable detection rules, and simulation instructions to help SOC teams stay ahead of evolving adversary techniques.

12 Jun 2026 21:43

Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks

SOC Prime Bias: Critical

source icon

Orca Security

12 Jun 2026 09:33

Technical Analysis of Suspicious Emails Targeting the Hotel Industry

SOC Prime Bias: High

source icon

ITOCHU Cyber & Intelligence Inc.

12 Jun 2026 09:27

AsyncRAT Delivered Through AI-Themed Threat Campaigns

SOC Prime Bias: High

source icon

Fortinet Blog

12 Jun 2026 09:21

RoguePlanet Exploits a Windows Zero-Day Through Defender’s Quarantine Pipeline

SOC Prime Bias: Critical

source icon

cyderes.com

12 Jun 2026 09:16

Analysis of Suspicious Emails Targeting the Hotel Industry

SOC Prime Bias: Medium

source icon

ITOCHU Cyber & Intelligence Inc.

12 Jun 2026 09:10

Khmer Shadow Targets Cambodian Government Entities in Espionage Campaign

SOC Prime Bias: High

source icon

Acronis

12 Jun 2026 09:05

JDY Botnet Growth Enables Faster Exploitation of IoT and SOHO Flaws

SOC Prime Bias: Critical

source icon

lumen.com

10 Jun 2026 23:37

Technical Analysis of MLTBackdoor

SOC Prime Bias: High

source icon

zscaler.com

10 Jun 2026 23:31

PoisonX Driver-Based Attack Campaign Targets Japanese Organizations

SOC Prime Bias: Critical

source icon

株式会社ラック

09 Jun 2026 16:04

From Fake Amazon Security Alert to HarborWatch Agent Delivery

SOC Prime Bias: Medium

source icon

cofense.com