Cybersecurity trends in 2025 reveal rising AI threats, quantum risks, and supply chain attacks, pushing firms to adapt or face major data and financial losses.

The cybersecurity world isn’t just changing, it’s getting a complete makeover. With approximately 600 million cyberattacks per day in 2025, translating to 54 victims every second, the stakes have never been higher. If you’re running a business in 2025, cybersecurity isn’t some back-burner IT concern anymore. It’s your digital lifeline.

Whether you’re launching a startup that needs to search for a Domain or protecting an enterprise that’s weathered every tech storm since Y2K, understanding this year’s cybersecurity shifts isn’t optional; it’s survival.

****AI: The Ultimate Double Agent****

Artificial intelligence has officially entered its villain era, and it’s bringing some serious heat. Criminals are using AI for sophisticated attacks, crafting adaptive malware, launching real-time phishing campaigns, and creating convincing deepfakes that could fool your mother.

Here’s the kicker: The number of deepfakes is projected to reach 8 million in 2025, up from 500,000 in 2023. That’s a 1,500% increase in fake content that’s getting harder to spot every day.

****The AI Arms Race Gets Personal****

But AI isn’t just playing for the dark side. Defenders are integrating AI for advanced anomaly detection, rapid threat hunting, and automated response. It’s like having a digital security guard that never sleeps, never gets distracted, and processes threats faster than any human team ever could.

The real game-changer? Security operations centers are using AI for big data analysis of logs, rapid anomaly detection, and automated containment procedures, reducing breach window times and cutting manual analyst workloads.

****Zero Trust: The “Trust No One” Revolution****

Remember when your office network was like a medieval castle, hard shell, soft center? Those days are dead than Internet Explorer. Organisations are adopting zero trust models, which continuously verify users and devices.

****Why the Rush to Zero Trust?****

Because micro-segmentation, user context checks, and continuous session monitoring are becoming industry standards, it reduces the risks of lateral movement by attackers. Think of it as giving every user their own personal security bubble instead of one big group hug.

The momentum is real: Continuous validation of access rights and micro-segmentation are standard across cloud apps, IoT systems, and remote endpoints, offering layered protection that works.

****Quantum Computing: The Storm That’s Coming****

Let’s talk about the elephant in the server room. Quantum computing isn’t science fiction anymore; it’s a ticking time bomb for current encryption methods. Security experts predict that quantum computing poses a significant potential threat, especially for breaking contemporary encryption.

****The Post-Quantum Panic****

Here’s what keeps security experts awake: quantum computers could theoretically crack today’s encryption in hours instead of the billions of years it would take conventional computers. Organisations are beginning to explore post-quantum cryptography to protect sensitive data.

The urgency is real because adversaries aren’t waiting. They’re already collecting encrypted data now, planning to decrypt it once quantum computers become viable. It’s called “harvest now, decrypt later,” and it’s happening right now.

****Ransomware Gets a Business Model Makeover****

Ransomware isn’t just malware anymore; it’s a full-blown industry. The ransomware economy has grown, with attack toolkits available for purchase and use by less-skilled criminals. It’s like Uber for cybercrime, except everyone loses.

****The Numbers Don’t Lie****

Nearly 60% of businesses have faced ransomware attacks in the past year, and North America has seen an 8% increase in such attacks. The financial hit? The typical ransomware recovery averages $2.73 million.

But here’s the twist: Supply chain breaches, especially via third-party vendors and software dependencies, continue to surge, prompting more real-time monitoring and contractual cybersecurity demands.

****Supply Chain Attacks: The Domino Effect Nobody Saw Coming****

Your business is only as secure as your weakest vendor, and that’s becoming a serious problem. By 2025, 45% of global organisations are expected to have faced a software supply chain attack.

****The Ripple Effect****

When one vendor gets compromised, it doesn’t just affect them; it creates a domino effect across their entire customer base. Think SolarWinds, but happening more frequently and with less fanfare.

****Cloud Security: The New Wild West****

As businesses migrate to the cloud faster than you can say “digital transformation,” new attack surfaces are exposed through misconfigurations or unpatched images. Embedding security “shift-left” into DevOps is now critical.

****The Multi-Cloud Challenge****

Here’s where it gets tricky: most companies aren’t just using one cloud provider. They’re juggling AWS, Azure, Google Cloud, and private data centers like a digital circus act. Each platform has unique configurations, logs, and policy frameworks, making consistent threat visibility nearly impossible.

****The Human Factor: Still the Biggest Wild Card****

Despite all the tech advances, humans remain the weakest link in the security chain. The “hybrid workforce”, remote, contracted, or third-party, magnifies insider threats, necessitating behavioural analytics and strong identity management.

****Authentication Gets an Upgrade****

Advanced authentication through biometrics and continuous monitoring minimises credential-based threats across distributed environments. It’s not just about what you know anymore; it’s about who you are, where you are, and how you normally behave.

****The Money Trail: Following the Cybersecurity Budget****

Here’s the reality check: Global cybercrime costs are projected to hit $10.5 trillion in annual damages by 2025. That’s not a typo, trillion with a T.

****Investment Response****

The good news? 85% of organisations plan to increase cybersecurity budgets, with spend projected to grow at a 12.2% annual rate, topping $377 billion globally by 2028.

The bad news? The global shortage of skilled cybersecurity professionals continues, slowing the adoption of advanced tools across smaller enterprises.

****Data Breaches: The Expensive Reality****

Let’s talk numbers that hurt: IBM reports the global average cost of a data breach rose to $4.88 million in 2024 and continues climbing. For IoT devices specifically, the average cost of a successful attack is over $330,000.

****Identity Fraud Explosion****

Identity fraud losses reached $27.2 billion in 2024, up 19% from the previous year. Your data isn’t just valuable, it’s becoming the digital equivalent of gold.

****The Regulatory Response: Compliance Gets Serious****

Governments worldwide are responding to the escalating threat with stricter regulations. New laws mandate stronger incident reporting, data protection, and resilience, influencing risk management strategies globally.

****What This Means for Your Business****

The cybersecurity world of 2025 isn’t about perfect protection; it’s about smart adaptation. Cybersecurity requirements are embedded early in the software development lifecycle, from DevOps pipelines to ongoing vulnerability management.

****The New Security Mindset****

Organisations implement CSMA frameworks for modular, integrated controls across varied systems, improving visibility and control in decentralised environments. It’s not about building higher walls, it’s about building smarter defences.

The winners in 2025 won’t be the companies with the most expensive security tools. They’ll be the ones who understand that cybersecurity is a business strategy, not just a technical challenge. They’ll invest in their people, stay flexible with their defences, and never stop learning.

Because in cybersecurity, the moment you think you’ve figured it out is the moment someone’s already figured out how to beat you.

****Frequently Asked Questions****

**Q: How much should my company budget for cybersecurity in 2025?** A: With 85% of organisations planning to increase cybersecurity budgets, most experts recommend allocating 10-15% of your IT budget to cybersecurity. The actual amount depends on your industry risk level and current security maturity.

**Q: Is AI more helpful or harmful for cybersecurity?** A: It’s genuinely both. While criminals are using AI for sophisticated attacks, defenders are integrating AI for advanced anomaly detection and rapid threat hunting. The key is staying ahead of the curve.

**Q: Should small businesses worry about quantum computing threats?** A: Not immediately, but start planning now. Organisations are beginning to explore post-quantum cryptography, and early preparation will be cheaper than emergency migration later.

**Q: What’s the biggest cybersecurity mistake companies make?** A: Treating cybersecurity as purely a technology problem instead of a business risk. The “hybrid workforce” magnifies insider threats, requiring behavioural analytics and strong identity management. It’s about people, not just tools.

**Q: How quickly are supply chain attacks increasing?** A: Rapidly. By 2025, 45% of global organisations are expected to have faced a software supply chain attack. It’s not a matter of if, but when your supply chain will be targeted.

Cybersecurity Trends 2025: What’s Really Coming for Your Digital Defenses

Cisco Talos is back at Black Hat with new research, threat detection overviews and opportunities to connect with our team. Whether you're interested in what we’re seeing in the threat landscape, detection engineering or real-world incident response, here's where and how to find us.

Wednesday, July 30, 2025 06:00

Cisco Talos is back at Black Hat with new research, threat detection overviews and opportunities to connect with our team. Whether you're interested in what we’re seeing in the threat landscape, detection engineering or real-world incident response, here's where and how to find us: 

**Visit us at the Cisco booth: 2726 **

We’ll have short, 15-minute booth talks throughout Wednesday and Thursday of Black Hat, with topics including: 

*   Talos Vulnerability Discovery Year in Review 
*   How to: Threat Intel 
*   Full Metal SnortML: Accelerating Machine Learning based Firewalls with FPGAs 
*   From CVE to Detection: A Rule Writer's Journey Through Modern Threats 

We also have these sessions as part of the wider conference agenda: 

**Lunch & Learn: Backdoors & Breaches **

**Lagoon KL, Level 2 | Wednesday, Aug 6, 12:05–1:30 PM**    
**Speaker: Joe Marshall** 

Join Joe and members of Talos as we discuss and develop incident response plans in real-time. We’ll use real scenarios over a game of Backdoors & Breaches, an incident response card game developed by Black Hills Information Security. Members from Talos Threat Intelligence will lead tables through the game over lunch and discuss recent threat trends. 

**Reserve your spot here** 

**Mandalay Bay I | Wednesday, Aug 6, 11:20–12:10 PM**    
**Speaker: Nick Biasini** 

Nick will explore how generative AI is shaping today’s threat landscape, from attackers using AI to enhance operations, to malware posing as AI tools, to efforts targeting the models themselves. The session will also cover how organizations can safely adopt GAI while defending against its misuse. 

**Learn more here** 

**Threat Briefing: ReVault! Compromised by Your Secure SoC **

**Oceanside C, Level 2 |  Wednesday, Aug 6, 10:20–11:00 AM**   
**Speaker: Philippe Laulheret** 

This talk introduces ReVault, a vulnerability affecting a widely used embedded security chip. Philippe will demonstrate how a low-privilege user can exploit the flaw to extract sensitive data, gain persistence at the firmware level, and compromise the host system.  

Learn more here 

**Visit the Splunk Booth: Threat Hunters Cookbook Launch **

**Splunk Booth 3046**

Our colleagues at Splunk will be launching their brand new _Threat Hunters Cookbook_ in hard copy. We’ve had a sneak preview, and trust us, this is a brilliant resource for those who want to use modelling and machine learning to conduct threat hunts that really get the best out of your efforts.  

If you're at the show, we’d love to hear what you’re working on, so stop by the Cisco booth (and grab yourself a Snorty while you’re at it). See you in Vegas!

Cisco Talos at Black Hat 2025: Briefings, booth talks and what to expect

This week on the Lock and Code podcast, we revisit an interview with Joseph Cox about the largest FBI sting operation ever carried out.

_This week on the Lock and Code podcast…_

For decades, digital rights activists, technologists, and cybersecurity experts have worried about what would happen if the US government secretly broke into people’s encrypted communications.

The weird thing, though, is that, in 2018, it already happened. Sort of.

US intelligence agencies, including the FBI and NSA, have long sought what is called a “backdoor” into the secure and private messages that are traded through platforms like WhatsApp, Signal, and Apple’s Messages. These applications all provide what is called “end-to-end encryption,” and while the technology guarantees confidentiality for journalists, human rights activists, political dissidents, and everyday people across the world, it also, according to the US government, provides cover for criminals.

But to access any single criminal or criminal suspect’s encrypted messages would require an entire reworking of the technology itself, opening up not just one person’s communications to surveillance, but everyone’s. This longstanding struggle is commonly referred to as The Crypto Wars, and it dates back to the 1950s during the Cold War, when the US government created export control regulations to protect encryption technology from reaching outside countries.

But several years ago, the high stakes in these Crypto Wars became somewhat theoretical, as the FBI gained access to the communications and whereabouts of hundreds of suspected criminals, and they did it without “breaking” any encryption whatsover.

It all happened with the help of Anom, a budding company behind an allegedly “secure” phone that promised users a bevy of secretive technological features, like end-to-end encrypted messaging, remote data wiping, secure storage vaults, and even voice scrambling. But, unbeknownst to Anom’s users, the entire company was a front for law enforcement. On Anom phones, every message, every photo, every piece of incriminating evidence, and every order to kill someone, was collected and delivered, in full view, to the FBI.

Today, on the Lock and Code podcast with host David Ruiz, we revisit a 2024 interview with 404 Media cofounder and investigative reporter Joseph Cox about the wild, true story of Anom. How did it work, was it “legal,” where did the FBI learn to run a tech startup, and why, amidst decades of debate, are some people ignoring the one real-life example of global forces successfully installing a backdoor into a company?

> The public…and law enforcement, as well, \[have\] had to speculate about what a backdoor in a tech product would actually look like. Well, here’s the answer. This is literally what happens when there is a backdoor, and I find it crazy that not more people are paying attention to it.

Tune in today to listen to the full conversation.

**Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.**

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.

 How the FBI got everything it wanted (re-air) (Lock and Code S06E15) 

Palo Alto, California, 29th July 2025, CyberNewsWire

**Palo Alto, California, July 29th, 2025, CyberNewsWire**

Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as “Verified” and “Chrome Featured” provided by extension stores as a security indicator. The recent Geco Colorpick case exemplifies how these certifications provide nothing more than a false sense of security – Koi Research disclosed 18 malicious extensions that distributed spyware to 2.3M users, with most bearing the well-trusted “Verified” status.

SquareX researchers disclosed the technological reason behind this vulnerability, highlighting an architectural flaw in Browser DevTools that prevents browser vendors and enterprises from performing the thorough security analysis many enterprises expect.

> “Aside from the fact that thousands of extension updates and submissions are being made daily, it is simply impossible for browser vendors to monitor and assess an extension’s security posture at runtime,” says Nishant Sharma, Head of Security Research at SquareX, “This is because existing DevTools were designed to inspect web pages. Extensions are complex beasts that can behave dynamically, work across multiple tabs and have “superpowers” that allow them to easily bypass detection via rudimentary Browser DevTool telemetry.”

In other words, even if browser vendors were not inundated by the sheer quantity of extension submission requests, the architectural limitations of Browser DevTools today would still allow numerous malicious extensions to pass DevTool based security inspections. 

Browser DevTools were introduced in the late 2000s, long pre-dating the widespread extension adoption. These tools were invented to help users and web developers debug websites and inspect web page elements. However, browser extensions have unique capabilities to, among others, modify, take screenshots and inject scripts into multiple web pages, which cannot be easily monitored and attributed by Browser DevTools. For example, an extension may make a network request through a web page by injecting a script into the page. With Browser DevTools, there is no way to differentiate network requests made by the web page itself and those by an extension.

Detailed in the technical blog, SquareX’s researchers propose a novel approach that uses the combination of a modified browser and Browser AI Agents to plug this gap. The modified browser exposes critical telemetry required to understand an extension’s true behavior, while the Browser AI Agent simulates different user personas to incite various extension behaviors at runtime for monitoring and security analysis. This not only allows a dynamic analysis of the extension, but also discoveries of various “hidden” extension behaviors that are only triggered by time, a certain user action or device environments. Named the Extension Monitoring Sandbox, the research details the necessary modifications required for the modified browser. 

The revelation of Browser DevTools’ architectural limitations exposes a fundamental security gap that has led to millions of users being compromised. As browser extensions become a core part of the enterprise workflow, it is critical for enterprises to move from superficial labels to solutions specifically designed to tackle extension security. It is absolutely critical for browser vendors, enterprises and security vendors to work closely together in tackling what has become one of the fastest emerging threat vectors.

This August, SquareX is offering a free enterprise-wide extension audit in August. The audit involves conducting an extensive audit of all extensions installed across the organization using all three components of the SquareX Extension Analysis Framework – metadata analysis, static code analysis and dynamic analysis with the Extension Monitoring Sandbox – providing a full analysis of the organization’s extension risk exposure and a risk score for each extension.

**About** **SquareX**

SquareX’s browser extension transforms any browser on any device into an enterprise-grade secure browser. SquareX’s industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks including malicious browser extensions, advanced spearphishing, browser-native ransomware, GenAI data loss prevention, and more.

Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users’ existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector – the browser.

More information available at: sqrx.com

**Reference**

http://www.bleepingcomputer.com/news/security/malicious-chrome-extensions-with-17m-installs-found-on-web-store/

**Contact**

**Head of PR**  
**Junice Liew**  
**SquareX**  
**\[email protected\]**

SquareX Discloses Architectural Limitations of Browser DevTools in Debugging Malicious Extensions

A law requiring UK internet users to verify their age to access adult content has led to a huge surge in VPN downloads—and has experts worried about the future of free expression online.

After the United Kingdom’s Online Safety Act went into effect on Friday, requiring porn platforms and other adult content sites to implement user age verification mechanisms, use of virtual private networks (VPNs) and other circumvention tools spiked in the UK over the weekend.

Experts had expected the surge, given that similar trends have been visible in other countries that have implemented age check laws. But as a new wave of age check regulations debuts, open internet advocates warn that the uptick in use of circumvention tools in the UK is the latest example of how an escalating cat-and-mouse game can develop between people looking to anonymously access services online and governments seeking to enforce content restrictions.

The Online Safety Act requires that websites hosting porn, self-harm, suicide, and eating disorder content implement “highly effective” age checks for visitors from the UK. These checks can include uploading an ID document and selfie for validation and analysis. And along with increased demand for services like VPNs—which allow users to mask basic indicators of their physical location online—people have also been playing around with other creative workarounds. In some cases, reportedly, you can even use the video game _Death Stranding_’s photo mode to take a selfie of character Sam Porter Bridges and submit it to access age-gated forum content.

For proponents of the law, there is progress to point to as well. The UK’s communications regulator Ofcom says that more than 6,600 porn websites have introduced age checks so far. And major social platforms like Reddit, X, and Bluesky have also added age verification for content that is now restricted in the UK or are in the process of doing so. Microsoft has even started rolling out voluntary age checks for Xbox users in the UK. But even if this movement is satisfactory for now, digital rights advocates point out that normalizing such mechanisms creates the possibility that they will be enforced more aggressively in the future.

“I think people just want to show that we can make some progress on this without thinking about what the consequences of the progress will be,” says Daniel Kahn Gillmor, a senior staff technologist at the American Civil Liberties Union. “We do know that there are some things that you can do to help kids have a better relationship with digital tools. And that involves having an adequate social support network; it involves listening when kids run into problems and making sure that they have functioning emotional relationships with adults who can respond to them. But instead what we’re looking for is a quick technological fix, and those technological fixes have consequences.”

Seema Shah, VP of research and insights at the market intelligence firm Sensor Tower, says five VPN apps have experienced particularly “explosive growth” and reached the top 10 free apps on Apple’s UK App Store by Monday.

“According to Sensor Tower estimates, iOS devices have seen a greater spike in VPN downloads in the UK, as downloads across the selected VPN apps are up an average of 100 percent day-over-day over the past four days on iOS versus a 5 percent day-over-day increase for Android devices,” Shah says.

Multiple VPN makers have also reported spikes in visitors and sign-ups in recent days. In a post on X on Friday, Proton VPN claimed that “just a few minutes after the Online Safety Act went into effect last night, Proton VPN sign-ups originating in the UK surged by more than 1,400%.” David Peterson, general manager of Proton VPN, told WIRED that since then there has been a sustained 1,800 percent increase in daily sign-ups.

Also on Friday, the Windscribe VPN service posted a screenshot on X claiming to show a spike in new subscribers. The makers of the AdGuard VPN claimed that they have seen a 2.5X increase in install rates from the UK since Friday.

Nord Security, the company behind the NordVPN app, says it has seen a “1,000 percent increase in purchases” of subscriptions from the UK since the day before the new laws went into effect. “Such spikes in demand for VPNs are not unusual,” Laura Tyrylyte, Nord Security’s head of public relations, tells WIRED. She adds in a statement that “whenever a government announces an increase in surveillance, internet restrictions, or other types of constraints, people turn to privacy tools.”

People living under repressive governments that impose extensive internet censorship—like China, Russia, and Iran—have long relied on circumvention tools like VPNs and other technologies to maintain anonymity and access blocked content. But as countries that have long claimed to champion the open internet and access to information, like the United States, begin considering or adopting age verification laws meant to protect children, the boundaries for protecting digital rights online quickly become extremely murky.

“There will be a large number of people who are using circumvention tech for a range of reasons” to get around age verification laws, the ACLU’s Kahn Gillmor says. “So then as a government you’re in a situation where either you’re obliging the websites to do this on everyone globally, that way legal jurisdiction isn’t what matters, or you’re encouraging people to use workarounds—which then ultimately puts you in the position of being opposed to censorship-circumvention tools.”

Age Verification Laws Send VPN Use Soaring—and Threaten the Open Internet

Summary The growing adoption of large language models (LLMs) in enterprise workflows has introduced a new class of adversarial techniques: indirect prompt injection. Indirect prompt injection can be used against systems that leverage large language models (LLMs) to process untrusted data. Fundamentally, the risk is that an attacker could provide specially crafted data that the LLM misinterprets as instructions.

How Microsoft defends against indirect prompt injection attacks

A new report from Google's GTIG reveals how UNC3944 (0ktapus) uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps.

A highly “aggressive” cyber campaign, identified in mid-2025 by Google’s Threat Intelligence Group (GTIG), is posing a severe threat to major industries, including retail, airlines, and insurance.

This sophisticated operation is attributed to Scattered Spider, a financially motivated hacking group also known as 0ktapus and UNC3944, which has been involved in high-profile breaches, including those affecting UK retail giants M&S, Harrods, and Co-op.

Although several members of the group have been arrested and charged in the United States and the United Kingdom over attacks on MGM Resorts and major retailers, the group remains highly active and continues to demonstrate a global presence.

In its latest campaign, as reported by GTIG, the group is eyeing compromised Active Directory accounts to gain full control of VMware vSphere environments to steal sensitive data and deploy ransomware directly from the hypervisor.

This method is particularly dangerous as it often bypasses traditional security tools like Endpoint Detection and Response (EDR), which lack visibility into the underlying ESXi hypervisor and vCenter Server Appliance (VCSA).

GTIG outlines how UNC3944 moves from an initial low-level foothold to complete hypervisor control across five methodical phases. The critical entry point involves phone-based social engineering where attackers impersonate a regular employee, making phone calls to the IT help desk. By using publicly available personal information and persuasive tactics, they trick help desk agents into resetting Active Directory passwords.

This initial access allows them to conduct internal reconnaissance, searching for high-value targets like vSphere administrators or powerful Active Directory groups. They then make a second, more informed call, impersonating a privileged administrator to take over their account. This cunning two-step process bypasses standard technical protections by exploiting vulnerabilities in help desk identity verification procedures.

Once privileged Active Directory credentials are stolen, the attackers swiftly move to compromise the vCenter Server. From there, they gain “virtual physical access” to the VCSA. They manipulate the system’s bootloader to achieve root access, enabling SSH, and then deploy a legitimate open-source tool called Teleport. This tool creates a persistent, encrypted communication channel, effectively bypassing most firewalls.

 With this deep control, they can enable SSH on ESXi hosts, reset passwords, and perform an “offline attack” on critical virtual machines, such as Domain Controllers. This involves powering off a target VM, detaching its virtual disk, attaching it to an unmonitored “orphaned” VM, and copying sensitive data like the Active Directory database.

All of this occurs at the hypervisor layer, rendering it invisible to in-guest security agents. Before deploying ransomware, they sabotage recovery efforts by targeting backup infrastructure, deleting jobs and repositories. Finally, they use SSH access to ESXi hosts to push their custom ransomware, forcibly powering off VMs and encrypting files directly from the hypervisor.

Attack chain (Via Google)

“UNC3944’s playbook requires a fundamental shift in defensive strategy, moving from EDR-based threat hunting to proactive, infrastructure-centric defence,” Google warns. The group operates with extreme speed; the entire attack, from initial access to ransomware deployment, “can occur in mere hours.” Therefore, organisations must protect their virtualised assets through strong identity verification, VMware hardening, backup integrity, and continuous monitoring.

“The advanced sophistication Scattered Spider exhibits should have security teams on high alert,” said Thomas Richards, Infrastructure Security Practice Director at Black Duck, a Burlington, Massachusetts-based provider of application security solutions.

“Social engineering attacks can be prevented with proper training and a challenge process to validate the caller is who they say they are. By using valid credentials and built-in tools, it is difficult for security teams to discern if they are compromised or not,” he advised.

Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google

macOS flaw dubbed Sploitlight allows attackers to access Apple Intelligence-cached data by abusing Spotlight plugins, bypassing privacy controls.

A newly disclosed macOS vulnerability is allowing attackers to bypass Apple’s privacy controls and access sensitive user data, including files cached by Apple Intelligence. Tracked as CVE-2025-31199, the flaw was identified by Microsoft Threat Intelligence and involves a method that abuses Spotlight plugins to leak protected files.

Microsoft Threat Intelligence, which originally spotted the vulnerability, revealed the flaw and dubbed the exploit “Sploitlight” due to its abuse of Spotlight plugins. While Apple has already released a patch, the technical method behind the exploit should be concerning for macOS users, especially those using Apple’s latest AI-powered features.

It all starts with how Spotlight, macOS’s built-in search tool, handles plugins known as importers. These are designed to help index content from specific apps like Outlook or Photos.

Microsoft researchers found that attackers could modify these importers to scan and leak sensitive data from TCC-protected locations like Downloads and Pictures, even without the user’s permission. The trick? Logging file contents in chunks through the system log, then quietly retrieving them.

However, according to the company’s blog post, it gets worse. Apple Intelligence, installed by default on all ARM-based Macs, stores caches containing geolocation data, photo and video metadata, recognised faces, and even search history.

This information, protected under TCC (Transparency, Consent, and Control) rules, is typically out of reach to apps without user consent. But using Sploitlight, attackers can pull this data directly from the caches, bypassing the system’s consent mechanisms entirely.

Microsoft’s proof-of-concept shows a clear step-by-step process attackers could use to exploit the flaw. By modifying the metadata of a Spotlight plugin, placing it in a specific directory, and triggering a scan, attackers can tap into sensitive folders without ever requesting access. And because these plugins don’t need to be signed, no compilation is necessary. A few tweaks to a text file are all it takes.

Apple’s patch, released in March 2025 for macOS Sequoia, addresses this flaw. Microsoft thanked Apple’s security team for cooperating under Coordinated Vulnerability Disclosure and urged users to install the updates without delay.

The impact goes further than the mechanics of the exploit and affects real user data. Since metadata and facial recognition information sync across Apple devices via iCloud, attackers exploiting a single Mac could also gain indirect insights into iPhones or iPads linked to the same account.

This isn’t the first TCC bypass Apple has dealt with. Earlier examples like powerdir and HM-Surf relied on different system components, but Sploitlight’s use of Spotlight importers makes the attack both subtle and effective. It blurs the lines between trusted operating system components and what can be injected from user-controlled sources.

If you use a Mac, especially one with Apple Intelligence features active, make sure your system is up to date. The fix for CVE-2025-31199 is live and available, and applying it closes off this very specific way of data theft.

macOS Sploitlight Flaw Exposes Apple Intelligence-Cached Data to Attackers

### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-25mx-8f3v-8wh7. This link is maintained to preserve external references.

### Original Description
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic.

Skip to content

**Navigation Menu**

*   *   GitHub Copilot
        
        Write better code with AI
        
    *   GitHub Spark New
        
        Build and deploy intelligent apps
        
    *   GitHub Models New
        
        Manage and compare prompts
        
    *   GitHub Advanced Security
        
        Find and fix vulnerabilities
        
    *   Actions
        
        Automate any workflow
        
    
    *   Codespaces
        
        Instant dev environments
        
    *   Issues
        
        Plan and track work
        
    *   Code Review
        
        Manage code changes
        
    *   Discussions
        
        Collaborate outside of code
        
    *   Code Search
        
        Find more, search less
        
    

*   Explore
    
    *   Learning Pathways
    *   Events & Webinars
    *   Ebooks & Whitepapers
    *   Customer Stories
    *   Partners
    *   Executive Insights
    
*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   *   Enterprise platform
        
        AI-powered developer platform
        
    
*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

Appearance settings

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  GHSA-rfx3-ffrp-6875

**Duplicate Advisory: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic**

Low severity GitHub Reviewed Published Jul 28, 2025 to the GitHub Advisory Database • Updated Jul 28, 2025

Withdrawn This advisory was withdrawn on Jul 28, 2025

**Package**

cargo sequoia-openpgp (Rust)

**Affected versions**

< 1.1.1

\>= 1.2.0, < 1.8.1

\>= 1.9.0, < 1.16.0

**Patched versions**

1.1.1

1.8.1

1.16.0

**Description**

Published by the National Vulnerability Database

Jul 28, 2025

Published to the GitHub Advisory Database

Jul 28, 2025

Last updated

Jul 28, 2025

**EPSS score**

Tag

#intel