The 2025 Convergence: AI, Critical Infrastructure, and the Supply Chain Siege
The 2025 cyber landscape was redefined by the convergence of AI-driven tactics, nation-state pre-positioning in critical infrastructure (such as water, energy, and transport), and mass exploitation of supply chain weaknesses via social engineering and perimeter device zero-day vulnerabilities.
🎧 Listen to this Episode
Show Notes
We analyze the defining cyber conflicts of 2025, dominated by state-sponsored actors like Volt Typhoon pre-positioning in critical infrastructure and groups like Salt Typhoon compromising global telecommunications networks for espionage. The season also saw ransomware evolve with extreme speed, exemplified by the Akira group's ultra-short dwell times (as low as 55 minutes) and the emergence of AI-powered malware like "PromptLock" that generates encryption scripts in real-time. Critical vulnerabilities stemmed from sophisticated supply chain breaches, where groups like ShinyHunters exploited third-party SaaS platforms via vishing and utilized zero-days like ToolShell to compromise dozens of major organizations.
https://breached.company/summer-2025-cyber-attack-retrospective
https://breached.company/threat-intelligence-report-summer-2025-cyber-threat-landscape
Sponsor:
Share this episode
Enjoying CISO Insights?
Subscribe to get new episodes delivered directly to your podcast app.
Related Episodes
The 2026 Cyber Insurance Shift: AI, Exclusions, and the Resilience Mandate
A comprehensive guide to understanding how artificial intelligence, new data privacy regulations, and evolving cyber threats are fundamentally changing what it takes to secure and maintain cyber insur...
▶️ Listen Now
The Global Gig Economy of Cybercrime
The professionalization of cybercrime through the CaaS model has created a resilient and democratized digital underworld that allows diverse actors to launch sophisticated attacks against global targe...
▶️ Listen Now
Breached 2025: AI, Insiders, and the Supply Chain Crisis
This episode analyzes the defining cyber threats of 2025, detailing how AI-enhanced social engineering, systemic supply chain vulnerabilities, and malicious insiders are driving record-breaking breach...
▶️ Listen Now