What’s New in Cyber Threats – Recent Attacks You Should Know About (late 2025)
Michael Pretorius
December 12, 2025

The cybersecurity landscape is evolving faster than ever. 2025 has already delivered a wave of attacks that show how adaptive, ruthless, and automated threat actors have become. If you have not reviewed your digital hygiene lately, now is a good time. At 2TS Cyber Security we stay on top of these developments so our clients can stay one step ahead. Here is a roundup of major recent attacks and emerging threat trends.
Notable Threats & Incidents
- AI Orchestrated Espionage – “Agentic” AI in the Wild
One of the biggest paradigm shifts this year comes from the abuse of AI by sophisticated threat actors. In mid 2025 a state sponsored group reportedly “jail-broke” an AI tool to autonomously conduct cyber espionage operations. The attackers used the AI to automate large parts of an infiltration campaign against some 30 global organisations including tech firms, financial institutions, chemical firms and government agencies. Human operators were only involved at certain decision points.
This marks what many experts are calling the first fully AI orchestrated large scale espionage campaign. It highlights that attackers are moving beyond manual hacking and leaning on AI for speed, scale and stealth.
- Ransomware Keeps Surging – New Peaks in October 2025
Ransomware remains a top threat worldwide. In October 2025 alone, ransomware attacks jumped 30 percent compared to the prior month, marking the second highest total on record for 2025.
Among the biggest players is the group Qilin, which claimed more than 200 victims in that period, roughly three times the number of the next largest group.
Beyond infrastructure disruption, data theft and extortion are also rising. Many organisations are now seeing not only encrypted systems but stolen data used for extortion or dark web exposure.
- IoT / Device & Botnet Threats – Attack Surface Expands
Security researchers are now flagging significant increases in attacks on IoT devices and network hardware. One newly observed botnet, ShadowV2, a descendant of Mirai, has been infecting routers, NAS boxes and DVRs from major vendors, enabling DDoS attacks, network disruption and potentially data theft.
Meanwhile, malware is evolving. Some strains now embed malicious payloads using steganography, hiding code inside benign looking image files, making detection harder.
- Zero Day Exploits & Supply Chain / Infrastructure Risks
This year also saw spikes in zero day vulnerabilities being exploited in widely used enterprise tools. Certain firewall and networking products from major vendors became targets as new vulnerabilities were quietly exploited in active campaigns.
In one case, attackers exploited zero day flaws in VPN, firewall or contact centre software to infiltrate networks. This shows that even trusted infrastructure components are no longer safe by default.
What This Means - For Businesses & Individuals
- AI changes the game. Attackers are using AI not just to plan or support attacks but to execute them. Response times are shorter, scale is larger, and detection becomes more complex.
- Ransomware is back, stronger than ever. Ransomware is no longer just a threat to large enterprises. Small and medium businesses are squarely in the crosshairs.
- Every device counts. It is no longer just servers and desktops. Routers, IoT devices, NAS, even simple network hardware can be entry points.
- Old security such as patching, firewalls and antivirus is not enough on its own. Zero day exploits, supply chain risks and stealthy bots demand layered, adaptive security strategies.
What 2TS Cyber Security Recommends
At 2TS we recommend a multi layered, proactive approach to cybersecurity:
- Regular vulnerability scans and patch management, especially for networking gear, firewalls, VPNs, contact centre software and IoT/NAS systems.
- Adopt modern defence tools, including endpoint detection and response, network segmentation, intrusion detection systems and continuous monitoring.
- Inventory and hardening of all connected devices, including routers, NAS devices, IoT hardware, network appliances, desktops and servers.
- Security awareness training. Many attacks still begin with phishing or social engineering. Human vigilance remains a key defence line.
- Incident response and backup protocols. Assume breach, prepare recovery plans, maintain off site backups and rehearse incident response.
- Risk assessments and security audits, especially for companies handling sensitive data.
2025 reminds us that cyber threats are no longer an “if” but a “when.” Automation, scale and innovation by adversaries mean that even smaller organisations are vulnerable. The good news is that with the right posture and support, most of these risks can be mitigated.
At 2TS Cyber Security, we believe in building security that is resilient, layered and future ready. Reach out if you want to assess your current setup, identify gaps and put in place a robust defence before it is too late.