For years, Security Operation Centres (SOC) have relied on detection tools that are becoming less effective in the cybersecurity industry, where sophisticated campaigns made by cybercriminals are not being noticed. Particularly, the detection of cybersecurity threat mutations – where attackers modify their techniques to evade detection – has emerged as a key challenge for organizations seeking to protect their data and systems. Through an extensive analysis of cybersecurity incidents and real network data, we propose a novel methodology and taxonomy in the field to detect threat mutations by combining a supervised machine learning algorithm with behavioural analysis. Our findings reveal the likelihood of a threat being a mutation of a known threat, including a novel representation of user behaviour profiles and an extended analysis of their properties. This study contributes to advancing detection and prevention techniques in the cybersecurity domain, paving the way for more resilient and adaptive defence systems.