This month in security with Tony Anscombe – April 2025 edition

From the near-demise of MITRE’s CVE program to a report showing that AI outperforms elite red teamers in spearphishing, April 2025 was another whirlwind month in cybersecurity

29 Apr 2025

The past month has seen no shortage of impactful and disconcerting cybersecurity news, including an eleventh-hour turnaround that averted the shutdown of MITRE’s CVE program to a report showing that AI outperforms red team experts in spearphishing. In this edition of the monthly roundup, ESET Chief Security Evangelist Tony Anscombe looks at:

• how MITRE’s Common Vulnerabilities and Exposures (CVE) came close to shutting down due to a lack of funding – and what questions this issue raises
• some takeaways from a survey according to which 30% of charities in the UK reported having experienced a cybersecurity breach or attack in the last 12 months
• AI outperforming elite red teamers in spearphishing, according to a report by Hoxhunt
• what Tony’s conversation with a tour guide in India revealed about effective ways of combatting deepfake-fueled extortion

Don’t forget to check out the March 2025 edition of Tony’s monthly security news roundup for more insights.

Connect with us on Facebook, X, LinkedIn and Instagram.