5 Top Emerging Cyberthreats Of 2025: Report
Cyber threats are multiplying at an ‘unprecedented rate,’ the report states.
Secureframe, which provides a compliance automation platform, recently released a report revealing the top emerging cyberthreats so far this year.
The report notes that cyber threats are currently multiplying at an “unprecedented rate,” undoubtedly stoked by the evolution of AI.
Here are the top emerging threats in 2025, according to the report.
5 Top Emerging Cybersecurity Threats In 2025
- Organized crime
With technologies like ransomware-as-a-service, automation, and cryptocurrency to make financial transactions untraceable, cyber criminals have organized into groups. Some of the more infamous, recently active ones include the Lockbit ransomware group, Midnight Blizzard/APT29, and Salt Typhoon. To defend against these groups, Secureframe’s report recommends configuring threat intelligence feeds to monitor these known cyber criminal groups.
- AI threats
Attackers are using AI to automate phishing scams, create realistic social engineering messages, analyze stolen data for “high-value” targets, and launch malware. The report recommends fighting AI with AI, for example, by leveraging AI-driven anomaly detection and behavior analytics.
- Advanced Persistent Threats (APTs)
APTs are “long-term, targeted cyberattacks often orchestrated by nation-states or organized criminal groups,” the report states.
These are “persistent” threats because adversaries attempt to maintain access to a compromised network for months or sometimes years, the report notes.
Industries most at risk for APTs include government and defense, critical infrastructure, financial institutions, and high-tech and IP-heavy sectors. Recommendations to defend against APTs include implementing frameworks (like those from NIST) designed to protect sensitive data against APTs.
- Zero-day exploits
Zero-day exploits seem to be constantly in the news. These are exploits that target a product vulnerability the vendor is unaware of.
Just recently, threat actors exploited two vulnerabilities in Microsoft SharePoint servers: CVE-2025-49706, a spoofing vulnerability, and CVE-2025-49704, a remote code execution vulnerability.
Defenses include developing a solid vulnerability management program, using virtual patching, and subscribing to vendor alerts.
- Software supply chain attacks
In a software supply chain attack, threat actors exploit vulnerabilities in third-party software, open-source components, and development pipelines, according to the report.
Recommendations for defending against these attacks include following NIST guidelines specifically for software supply chain security.
The report also listed the top current cyberthreats, and many of them are the usual suspects that have plagued IT departments everywhere.
5 Top Current Cyber Threats In 2025
- Ransomware
- Social engineering (via phishing, pretexting, and quid pro quo messages).
- Insider threats
- Data breaches
- Weak passwords/credential compromise
Access Secureframe’s full report for more details on each threat and all defense recommendations.