Tackling Next Wave Of Digital Attacks


As we step into 2025, the cybersecurity landscape is evolving at an unprecedented pace. The frequency of cyberattacks continues to rise, with organizations facing an average of 1,308 attacks per week in early 2024—a staggering 28% increase from late 2023. This surge highlights not only the growing complexity of cyber threats but also the urgent need for enhanced security measures.

Among the most pressing concerns are the rise of Shadow AI, deepfake-enabled fraud, and open-source vulnerabilities, each presenting unique risks that demand immediate attention. Ilia Dubov, Head of Cybersecurity at Quadcode, shares his insights into these emerging threats and the steps organizations must take to protect themselves in this rapidly shifting environment.

Ilia Dubov, Head of Cybersecurity at Quadcode (Source: Ilia Dubov)

Cybersecurity Threats Organizations Must Be Prepared for in 2025

The digital threat landscape continues to evolve, with both persistent and emerging threats requiring immediate attention:

  • Ransomware attacks remain widespread. Attackers encrypt data and demand payment, often accompanied by threats to leak sensitive information.
  • Initial Access Brokers (IABs) are increasingly active, selling stolen credentials that enable access to corporate systems.
  • The rise of Shadow AI, where employees use unapproved AI tools, poses risks such as data leaks and unmonitored vulnerabilities.
  • Open-source vulnerabilities are another growing issue. Attackers target libraries that underpin critical systems across industries. Attacks targeting volunteers who maintain open-source libraries are also on the rise, aiming to inject malicious code and spread it across as many companies as possible.
  • Deepfake-enabled fraud is another key concern, as AI is used to create fake identities, manipulate authentication systems, and subsequently commit fraud.

While these threats represent some of the most pressing cybersecurity challenges of 2025, the list will continue to expand as technology evolves and cybercriminals adapt.

The Most Prevalent Cybersecurity Threats of 2024

In 2024, several familiar threats persisted but grew in scale and sophistication. Ransomware remained a dominant issue, with attackers employing double extortion techniques—encrypting data while simultaneously threatening to leak it.

Another significant threat was the rise of Initial Access Brokers (IABs), who specialized in selling stolen credentials from phishing attacks and data breaches. This commodification of access points enabled more frequent attacks on vulnerable accounts.


The rapid increase in IoT vulnerabilities also stood out in 2024. Connected devices, ranging from smart speakers to office equipment, were exploited as entry points due to inadequate security measures. According to the 2024 SonicWall Mid-Year Cyber Threat Report, attacks on IoT devices surged by 107% in the first five months of 2024 compared to the same period in 2023.

Emerging Cybersecurity Threats in 2025

Among the new and evolving threats, Shadow AI and deepfake-enabled fraud stand out as particularly alarming.

  • Shadow AI Threats: The widespread use of unauthorized AI tools in workplaces creates data security risks. One example involved an AI NoteTaker bot sharing sensitive financial transcripts via an unprotected link due to default settings.
  • Deepfake Fraud: Advances in AI-generated content have led to convincing deepfake scams. In 2024, a Hong Kong-based firm lost $25 million after an employee was tricked by a deepfake video call mimicking her CFO and colleagues, instructing her to transfer funds.

Both threats are growing rapidly and demand immediate mitigation strategies.

Critical Steps to Address Emerging Cybersecurity Challenges

To combat these threats, organizations and governments must take proactive measures:

First, it’s worth saying that two developments have evolved in parallel: technologies for collecting and storing biometric data, increasingly integrated into account security processes, and generative AI. While these technologies evolved independently, their intersection now raises serious concerns about the effectiveness of existing security systems. This convergence presents both significant opportunities and emerging threats, which remain largely unaddressed due to the relative novelty of AI.

That’s why government support for cybersecurity is critically important, especially for biometric data systems. They demand significant investments to ensure their protection, as vulnerabilities in such sensitive areas can result in far-reaching consequences.

Secondly, I believe collaboration between the tech sector and governments is crucial to supporting open-source projects and preventing major security incidents. A recent example is the CVE-2024-3094 vulnerability in the XZ Utils library, a widely used compression tool in Linux systems. This vulnerability was introduced by a malicious contributor who spent two years building trust within the project. After gaining maintainer access, they inserted a backdoor enabling remote code execution (RCE), leaving any system using the compromised version at risk.

If not for the sharp-eyed engineer who noticed unusual behavior, the backdoor could have gone undetected for much longer, potentially exposing millions of Linux systems, including popular distributions like Fedora and Ubuntu. The attack showed how easily underfunded open-source projects can be targeted, as their maintainers often lack the resources to vet contributors or detect subtle malicious code thoroughly. Without proactive support, this vulnerability will continue to threaten global systems that rely on open-source software.

Organizations like the Open Source Security Foundation work tirelessly to enhance the security of open-source projects. Still, as non-profit initiatives, they require more assistance, particularly financial backing from governments. Unfortunately, many governments prefer reactive measures, such as blocking or restricting access, instead of proactively addressing systemic issues. To really mitigate the risks, a shift in priorities is necessary to ensure the sustainability and security of the open-source ecosystem, which is integral to modern infrastructure.

Third, effective solutions for detecting deepfakes are still lacking, and increased investment in this area is essential to develop reliable detection tools.

Fourth, regulatory frameworks like the European Union’s Digital Operational Resilience Act (DORA), which came into force in January 2025, represent a major step forward in this regard. DORA focuses on enhancing the operational resilience of financial institutions, ensuring that they can withstand, respond to, and recover from cybersecurity threats. However, compliance with DORA also demands substantial investment in infrastructure and training, which organizations must prioritize to meet these new requirements effectively.

Finally, the industry could benefit from adopting AI technologies with a focus on responsibility. While AI has significant potential to enhance efficiency, implementing it thoughtfully would help ensure security. Striking a balance between embracing AI’s benefits and addressing its risks can support organizations in navigating the complexities of 2025 and beyond.

Conclusion

The cybersecurity threats of 2025 highlight a critical reality—attackers are evolving faster than ever, leveraging AI, automation, and sophisticated social engineering techniques to bypass traditional defenses. From the unchecked rise of Shadow AI to deepfake-enabled fraud and open-source vulnerabilities, organizations must take proactive steps to safeguard their digital assets.

Collaboration between governments, tech companies, and security professionals is essential to address these challenges effectively. Regulatory frameworks like the Digital Operational Resilience Act (DORA) mark a step forward, but more investment in open-source security, AI-driven threat detection, and deepfake prevention is necessary.

As cyber risks continue to grow, staying ahead requires vigilance, adaptability, and a commitment to strengthening cybersecurity at every level.


