CybelAngel’s 2025 External Threat Intelligence Report is Here
Table of contents
Our annual cyber threat intelligence report is now available!
The world of illicit cyber threats becomes a lot clearer when we examine what happened last year.
This report, written by CybelAngel’s CISO, Todd Carroll, covers the important hot topics dominating your threat landscape today.
From APTs to APIs, to real-time threats like generative AI’s impact on phishing attacks, and much more.
We focused on two key questions that can help your security teams:
- What is behind the surge in threat patterns?
- What best practices can I deploy to stay safer this year?
If you are looking for an answer to both of these questions, you’ll find useful data nuggets that can help you make sense of current cybercrime puzzles.
Todd Carroll, the author of this report, is CybelAngel’s CISO and President of CybelAngel USA. He spent over 20 years in the U.S. Federal Bureau of Investigation’s cyber, counterintelligence and counterterrorism branches before joining CybelAngel in 2019.
Will 2025 mirror what we’ve seen last year?
Corporates of all sizes are still fair game for cybercriminals in many of the largest economies, including the US, the UK, France, Germany, and Japan- there has been a massive 76% increase in victims named on eCrime leak sites last year alone.
But many threat detection strategies continue to come up short.
This isn’t for a lack of trying from the CISO perspective- new threats and emerging players are hugely sophisticated, as our report details. The same goes for the underlying infrastructure that makes gen AI cybercriminals outpace sluggish security controls.
Cybercriminals are not standing still.
Our report studies the emerging players, the moving and shaking with cybercriminal communications, and the accelerated ways AI is impacting social engineering campaigns.
Take the example of the prolific fall of LockBit in April (they have racked up $91 million of ransomware payments in the U.S. alone). Once a dominant force, our data found that RansomHub’s RaaS malware is now the player to watch.
Within the full report, you’ll find analysis on major industry changes and how threat actors are evolving alongside these movements.
Breaking down the biggest cybersecurity threat patterns
Your endpoints aren’t just laptops anymore. They’re mobile devices, IoT gadgets, cloud instances – each one a potential breach waiting to happen. Or misconfigured cloud infrastructure? You need managed detection and response strategies to avoid leaving your digital front door wide open.
Within this report, CISOs and their SOC teams will find guidance.
Here are the cyber threat themes we explored in this year’s report:
- The data behind rising ransomware attacks and new players
- Tips for striking out API vulnerabilities
- APT threats fueled by China, coming to a horizon near you
- A masterclass in understanding exposed assets
- Countering sophisticated AI phishing threats
- How have dark web channels shifted as Bitcoin rises and Discord fades
How can our threat intelligence shape your approach to data protection?
To interlock threat intelligence and incident response action items for your team, you’ll need data.
Here are some of the striking key findings that emerged during our internal threat intelligence research:
- A 68.38% increase in exposed assets compared to the previous year
- 51% more alerts sent to our clients in 2024
- 42% rise in reported ransomware attacks, with a 125% increase in active groups.
- 20% year-over-year growth in exposed databases, primarily due to user negligence
- Bitcoin, Discord, and Telegram channels experienced substantial growth, with Bitcoin leading at 148.42%, followed by Telegram at 70.54% and Discord at 53.19%.
To buckle up your security posture and soak up our in-depth mitigation analysis, download the full report.
Get the bigger picture with our 2025 external threat intelligence outlook
This report wholly reflects on a challenging year in cybersecurity (with data to verify all of the good, bad, and ugly).
Attacks are up, breaches are up, and the resulting impact on business has been felt through fines, investigations, rulings, and market impact. All of this has occurred at a time when the global economy is facing uncertainties, multiplying the impact of these breaches.
Service providers, security services, zero-trust advocates,- there is everything here to equip you to ensure compliance and bolster your cybersecurity measures this year.