Claude AI Weaponized in Ransomware; Salt Typhoon APT Targets Global Infrastructure
Key Takeaways
- Anthropic reports Claude AI weaponized for ransomware attacks on 17 organizations, demanding over $500,000.
- US links Chinese companies to Salt Typhoon APT, targeting 80+ countries, stealing 1M+ data sets.
- Storm-0501 uses 'steal-and-destroy' ransomware in Azure, compromising Active Directory and cloud domains.
- Attackers used a fake TASPEN Android app to steal banking credentials from Indonesian pensioners.
- IBM report: US data breach costs hit $10.22M amid rising AI-driven cyber risks.
Top Stories
Anthropic reveals Claude AI weaponized for ransomware and fraud schemes
On August 28, 2025, Anthropic reported that cybercriminals had used Claude AI to run ransomware attacks on 17 organizations, demanding over $500,000, and to support fraud schemes, underscoring AI's growing role in evolving cyber threats.
US and allies expose Chinese Salt Typhoon APT targeting global critical infrastructure
By August 27, 2025, US and international agencies linked Chinese companies to Salt Typhoon APT targeting telecom, government, and military networks in 80+ countries, stealing over 1 million data sets. Advisories urge patching and mitigation against these state-sponsored cyberattacks.
Storm-0501 evolves ransomware tactics to cloud-based data theft and destruction
Storm-0501 targets Microsoft Azure cloud environments with 'steal-and-destroy' ransomware tactics: it compromises Active Directory and cloud domains, exfiltrates data, and destroys what it can so that victims cannot recover without paying, a marked evolution of cloud-focused ransomware.
Banking trojan disguised as Indonesia’s TASPEN app steals credentials
On August 27, 2025, attackers used a fake TASPEN Android app to deploy spyware stealing banking credentials and biometrics from pensioners and civil servants, exploiting legacy systems managing $15.9 billion in assets.
IBM report: US data breach costs hit $10.22M amid rising AI-driven cyber risks
The 2025 IBM Ponemon report shows US data breach costs reached $10.22 million, with AI reshaping cybersecurity by aiding both defense and sophisticated attacks like phishing and deepfakes.
Analysis Desk
KorPlug malware second-stage payload analyzed with advanced reverse-engineering
On August 25, 2025, GBHackers detailed KorPlug malware's second-stage DLL using O-LLVM obfuscation and provided IoCs to aid detection and threat hunting.
Cybersecurity Initiatives
EU establishes €36m Cybersecurity Reserve to boost incident response readiness
In 2025, the European Commission and ENISA created a €36 million Cybersecurity Reserve to provide rapid incident response services across EU states, enhancing cyber resilience against large-scale security incidents.
InfoSec Insights
AI enhances security operations but also enables optimized cyberattacks
In August 2025, reports highlighted AI's dual role in automating threat detection and incident response while increasing risks of sophisticated attacks, emphasizing balanced AI security strategies.
Security Breaches
Nevada suffers ransomware attack disrupting government services and data theft
Between August 24 and 27, 2025, Nevada's government systems were hit by a ransomware attack that caused data theft and service disruptions, including DMV closures. The state is working with the FBI and CISA on the investigation.
Miljödata cyberattack risks sensitive data leak affecting Swedish municipalities
On August 26, 2025, Miljödata, serving 80% of Sweden's municipalities, suffered a ransomware attack with a 1.5 Bitcoin ransom demand, potentially exposing sensitive municipal employee data and raising security concerns.
Tech Updates
Study reveals security vulnerabilities from LLM-generated code and deployments
Research in 2025 found that large language models (LLMs) can introduce security flaws by replicating unsafe coding patterns, exposing API endpoints and causing data leaks in deployed applications.
Critical Zip Slip bug enables unauthorized file system manipulation during decompression
A Zip Slip vulnerability discovered in 2025 affects tools such as WinRAR: a crafted archive entry name can cause files to be written outside the intended extraction directory during decompression. Mitigation requires normalizing and validating entry paths before extraction, plus user caution with untrusted archives.
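As an added illustration of the path-normalization mitigation (example code written for this digest, not code from WinRAR or from the cited research), the guard below resolves each archive entry against the destination directory and refuses any entry whose real path escapes it, covering `../` traversal, backslash separators and absolute entries. The sample archive is constructed inline; the helper names are this example's own.

```python
"""Zip Slip guard: refuse archive entries that resolve outside the target directory."""
import io
import os
import tempfile
import zipfile
from typing import List, Tuple


def is_safe_member(dest_dir: str, member_name: str) -> bool:
    """Return True only if the entry's normalized path stays inside dest_dir.

    Handles '../' traversal, backslash separators and absolute entry names.
    """
    dest = os.path.realpath(dest_dir)
    # Archives built on Windows may use backslashes; treat them as separators.
    normalized = member_name.replace("\\", "/")
    # Reject absolute paths and drive-letter prefixes outright.
    if os.path.isabs(normalized) or (len(normalized) > 1 and normalized[1] == ":"):
        return False
    # realpath collapses '..' components and symlinks before the containment check.
    candidate = os.path.realpath(os.path.join(dest, normalized))
    return candidate == dest or candidate.startswith(dest + os.sep)


def safe_extract(archive_bytes: bytes, dest_dir: str) -> List[str]:
    """Extract only entries that pass is_safe_member; return the rejected names."""
    rejected: List[str] = []
    os.makedirs(dest_dir, exist_ok=True)
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            if not is_safe_member(dest_dir, info.filename):
                rejected.append(info.filename)
                continue
            target = os.path.join(dest_dir, info.filename.replace("\\", "/"))
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
    return rejected


def build_sample_archive() -> bytes:
    """Constructed sample archive: one benign entry and three traversal entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign content")
        zf.writestr("../../evil.sh", "not extracted")       # classic '../' traversal
        zf.writestr("..\\..\\evil2.sh", "not extracted")     # backslash variant
        zf.writestr("/etc/evil3", "not extracted")           # absolute entry name
    return buf.getvalue()


def demo() -> Tuple[List[str], str]:
    """Run the guard on the sample archive in a throwaway directory."""
    with tempfile.TemporaryDirectory() as dest:
        rejected = safe_extract(build_sample_archive(), dest)
        with open(os.path.join(dest, "docs", "readme.txt")) as f:
            content = f.read()
    return rejected, content


if __name__ == "__main__":
    bad, text = demo()
    print("rejected entries:", bad)
    print("benign entry content:", text)
```

The check is done on the resolved real path rather than on the raw string, so a name that only looks harmless after naive stripping of `../` is still caught; the same containment test applies to tar and other archive formats whose entries carry attacker-controlled names.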
Microsoft updates Insider Risk Management to detect risky AI usage and data leaks
Microsoft announced in 2025 new Insider Risk Management features to identify intentional and accidental risks from generative AI apps, including sensitive data sharing and IP theft.
SUTD's Sni5Gect toolkit enables 5G to 4G downgrade attacks without rogue base stations
On August 26, 2025, SUTD released Sni5Gect, an open-source toolkit that downgrades 5G to 4G by sniffing and injecting messages, achieving up to 90% success without rogue base stations.
Threat Landscape
ShadowCaptcha campaign uses deceptive CAPTCHAs to execute malicious commands globally
Israel's National Digital Agency revealed ShadowCaptcha, a campaign active for over a year that places ClickFix-style fake CAPTCHAs on WordPress sites to trick users into running harmful commands, threatening thousands of organizations worldwide.
ShadowSilk targets 36 Central Asia government entities for data exfiltration
ShadowSilk threat actors attacked 36 government organizations across Central Asia and APAC in 2025, focusing on data theft and sharing tools with other known cyber espionage groups.
Lockbit ransomware uses advanced evasion to attack Linux ESXi servers
A Lockbit ransomware variant targeting Linux ESXi servers uses ptrace-based debugger detection and advanced encryption techniques to evade analysis, and suspends VMs before encrypting them.
Experts warn of increasing cyber threats to connected cars via Wi-Fi and mobile networks
By late 2025, cyberattacks on cars exploiting wireless systems may enable remote control and data theft, with only 40% of manufacturers having dedicated security teams.