News
Payload Ransomware Uses ChaCha20 and Aggressive Anti-Forensics
4+ hour, 30+ min ago (106+ words) SOC Prime Bias: High Rationale: This section details the precise execution of the adversary technique (TTP) designed to trigger the detection rule. The commands and narrative MUST directly reflect the TTPs identified and aim to generate the exact telemetry expected…
UAC-0057 Uses OYSTERFRESH and OYSTERSHUCK in Phishing
4+ day, 6+ hour ago (280+ words) SOC Prime Bias: Medium UAC-0057 Updates Its Toolkit with OYSTERFRESH, OYSTERSHUCK, and OYSTERBLUES CERT-UA has reported a phishing campaign aimed at Ukrainian government organizations. The emails contain PDF attachments that redirect recipients to ZIP archives carrying malicious Java…
CVE-2026-9082: Critical Drupal Core SQLi Flaw
4+ day, 1+ hour ago (375+ words) The current details for CVE-2026-9082 also matter because the scope is narrower than a generic "all Drupal sites" headline suggests. Drupal's advisory says the SQL injection issue only affects sites…
durabletask Compromised in Team PCP PyPI Attack
4+ day, 6+ hour ago (181+ words) SOC Prime Bias: Critical Rationale: This section details the precise execution of the adversary technique (TTP) designed to trigger the detection rule. The commands and narrative MUST directly reflect the TTPs identified and aim to generate the exact telemetry expected…
UNG0002 Targets Chinese Universities with Cobalt Strike
4+ day, 12+ hour ago (346+ words) SOC Prime Bias: Critical UNG0002 Targets Chinese Academia with Weaponized Institutional Lures A threat actor tracked as UNG0002 launched a spear-phishing campaign against Chinese universities using a malicious ZIP archive disguised as an official fitness testing notice. Inside the archive…
SHub Reaper Targets macOS with Fake Brand Installers
5+ day, 21+ hour ago (317+ words) SOC Prime Bias: Medium SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain The report analyzes a new macOS infostealer variant called SHub Reaper, which uses fake WeChat and Miro…
VIP Keylogger Uses Steganography and Script Obfuscation
1+ week, 1+ day ago (124+ words) SOC Prime Bias: Medium Rationale: This section details the precise execution of the adversary technique (TTP) designed to trigger the detection rule. The commands and narrative MUST directly reflect the TTPs identified and aim to generate the exact telemetry expected…
CVE-2026-42897: Exchange OWA Spoofing Flaw
1+ week, 4+ day ago (215+ words) What is CVE-2026-42897 and how does it work? CVE-2026-42897 is a spoofing flaw in on-prem Microsoft Exchange Server caused by a cross-site scripting issue in OWA-related web content generation. A…
ClickFix Uses PySoxy for Encrypted Proxy Access
1+ week, 5+ day ago (353+ words) SOC Prime Bias: Critical ClickFix Evolves with PySoxy Proxying ClickFix is a social engineering-based delivery technique that is now being paired with the open-source PySoxy SOCKS5 proxy to create an encrypted secondary access channel. The…
Shai-Hulud Worm Hits NPM and PyPI Supply Chains
1+ week, 5+ day ago (132+ words) SOC Prime Bias: Critical Rationale: This section details the precise execution of the adversary technique (TTP) designed to trigger the detection rule. The commands and narrative MUST directly reflect the TTPs identified and aim to generate the exact telemetry expected…