AI-powered attacks, zero-days, and supply chain breaches -- the top cyber threats of 2025


New analysis of recent high-profile breaches and global threat patterns, reveals a cybersecurity landscape dominated by AI-enhanced attacks, organized cybercrime, and rapid exploitation of zero-day vulnerabilities.
The research, from compliance automation platform Secureframe, shows critical infrastructure, healthcare, and financial services have become primary targets as threat actors evolve faster than traditional defenses.
AI-generated deepfakes used to drive attacks


As generative AI tools have become more powerful, affordable and accessible, cybercriminals are increasingly adopting them to support attacks, these range from business fraud to extortion and identity theft.
A new report from Trend Micro shows that deepfakes are no longer just hype but are being used in real-world exploitation, undermining digital trust, exposing companies to new risks, and boosting the business models of cybercriminals.
AI lowers the barrier to entry for cybercriminals


We all know that businesses are facing a raft of more sophisticated cyberthreats, partly driven by AI. We also know that there can be an impact beyond the financial in terms of damage to reputation and loss of customers.
A new report from cyber insurance specialist Hiscox reveals that 67 percent of organizations report increase in attacks and 34 percent of firms have compromised cybersecurity measures due to lack of expertise in managing emerging tech risks.
Cybercriminals lure LLMs to the dark side


A new AI security report from Check Point Software shows how cybercriminals are co-opting generative AI and large language models (LLMs) in order to damage trust in digital identity.
At the heart of these developments is AI's ability to convincingly impersonate and manipulate digital identities, dissolving the boundary between authentic and fake.
Initial access brokers target mid-sized businesses for ransomware


Initial access brokers (IABs) are the invisible engine of modern cybercrime. They don't execute ransomware attacks, but they do enable them.
Research from Check Point External Risk Management (formerly Cyberint) shows that IABs are increasingly targeting smaller businesses, with 60.5 percent of listings targeting SMBs (companies with $5M - $50M revenue), representing a new 'sweet spot' for attackers.
Psst, wanna be a fraudster? Ordinary consumers are being lured into cybercrime


A new report from Sift reveals an alarming democratization of cybercrime, with 34 percent of consumers seeing offers to participate in payment fraud online, an 89 percent increase over 2024.
The report details how fraudsters openly advertise and sell stolen payment information and fraud services on social media platforms and deep web forums like Telegram, significantly lowering the barrier to entry for anyone to participate in fraudulent activities.
Malware-as-a-Service accounts for 57 percent of all threats


A new report from Darktrace reveals that Malware-as-a-Service (MaaS) is now responsible for 57 percent of all cyber threats to organizations, a 17 percent increase from the first half of 2024.
The use of remote access trojans (RATs) has also seen a significant increase in the latter half of last year, representing 46 percent of campaign activity identified, compared to only 12 percent in the first half.
Fraud-as-a-Service allows cybercriminals to launch complex attacks with minimal skills


User-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes are widely available on the dark web according to the latest 2024 Report on Global Identity Fraud from AU10TIX.
FaaS platforms provide all the tools, templates and automation that fraudsters need, including deepfake generators to create synthetic selfies and videos, botnets to automate mass-scale account creation and takeover, and phishing kits for email and web-based scams.
The AI arms race: How machine learning is disrupting financial crime


The financial services industry is in the midst of an unprecedented AI arms race. Criminal organizations are getting smarter, using cutting-edge tech to launch elaborate attacks on financial systems. In response, financial institutions (FIs) are turning to AI and machine learning (ML) to level the playing field. That’s right -- FIs are keeping pace with their criminal counterparts, thwarting malicious activity much more reliably and efficiently.
Having spent my career at the intersection of finance and technology, I've seen the constant race to stay ahead of evolving criminal operations. Rules-based systems, while foundational, simply can't match the speed and adaptability of modern financial crime. But now, through advanced pattern detection, adaptive defense mechanisms, and dramatically improved accuracy in identifying suspicious activity, AI is fundamentally reshaping how we fight financial crime -- and winning.
Holiday deal hunting mirrored by dark web behavior


Just as shoppers heading online for Black Friday and Cyber Monday deals a new report from Bitdefender uncovers interesting parallels with behavior on dark web marketplaces.
Cybercriminals too, it seems, browse for the best deals on an assortment of unconventional goods and services. In a digital underground that mirrors traditional e-commerce in many ways, these markets cater to buyers with specific -- and often illegal needs.
38 percent think personal data theft is unavoidable


As we carry out more and more of our everyday transactions online, so the risk of falling victim to cybercrime increases too.
New research from CybSafe and the National Cybersecurity Alliance shows that 61 percent of respondents worry about becoming cybercrime victims and 38 percent believe personal data theft is unavoidable.
Ransomware still a major threat despite disruption to RaaS groups


Ransomware remains a formidable threat facing organizations, with 49 active groups impacting more than 1,000 publicly posted victims in the third quarter 2024, according to a new report.
The report from GuidePoint Security's Research and Intelligence Team (GRIT) shows threat actors are increasingly leveraging legitimate services and platforms to deliver targeted phishing messages. While the abuse of trusted notification services is not a new approach to delivering malware, the research team has recently observed novel -- and progressively sophisticated -- delivery techniques.
Number of active ransomware groups increases over 50 percent


A new report from dark web intelligence specialist Searchlight Cyber shows a 56 percent increase in the number of active ransomware groups this year compared to the first half of 2023, reflecting a diversification of the ransomware landscape.
LockBit has retained its top position despite the disruption caused by Operation Cronos, though its number of listed victims has fallen compared to H1 2023.
Businesses losing revenue to bot attacks


A new report reveals that 98 percent of organizations attacked by bots in the past year have lost revenue as a result.
The latest State of Bot Mitigation Report from Kasada, based on a survey of over 220 US tech professionals, also shows that despite investing heavily in bot defenses, most solutions are proving to be ineffective. Just one in five say that after initial deployment their bot mitigation solution retained effectiveness for more than 12 months.
The C-suite conundrum: are senior executives the Achilles' heel of cybersecurity?


In today's digital landscape, an organisation's C-suite and senior executives hold the most valuable corporate data and sign-off authorities, representing the highest potential risk over email. Whether it's inbound spear phishing attacks or outbound mistakes resulting in a damaging data breach, the C-suite are vulnerable.
But what do cybercriminals want from these individuals, are breaches always a result of external actors, and what can organisations do to protect their top decision-makers?
Recent Headlines
Most Commented Stories
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
Regional iGaming Content
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.