We analyze the defining cyber conflicts of 2025, dominated by state-sponsored actors like Volt Typhoon pre-positioning in critical infrastructure and groups like Salt Typhoon compromising global telecommunications networks for espionage. The season also saw ransomware evolve with extreme speed, exemplified by the Akira group's ultra-short dwell times (as low as 55 minutes) and the emergence of AI-powered malware like "PromptLock" that generates encryption scripts in real-time. Critical vulnerabilities stemmed from sophisticated supply chain breaches, where groups like ShinyHunters exploited third-party SaaS platforms via vishing and utilized zero-days like ToolShell to compromise dozens of major organizations.

https://breached.company/the-silent-revolution-how-chinas-ministry-of-state-security-became-the-worlds-most-formidable-cyber-power

https://breached.company/summer-2025-cyber-attack-retrospective

https://breached.company/threat-intelligence-report-summer-2025-cyber-threat-landscape

Sponsor:

www.cisomarketplace.com

www.breached.company