Telecommunications was the most targeted industry, highlighting its prominence in adversary campaigns.

Targeting of the technology sector remained relatively stable, indicating sustained interest in tech companies and intellectual property. The emergence of business services suggests adversaries may start targeting corporate infrastructure.

The presence of multiple North Korean groups (Lazarus, Andariel, Kimsuky) in the top 10 indicates coordinated DPRK cyber operations across different operational mandates. DPRK-affiliated threat actors are increasingly leveraging sophisticated phishing campaigns, particularly those targeting Ministries of Foreign Affairs, indicating a heightened focus on geopolitical intelligence collection. 

However, a particularly insidious new vector has emerged: the DPRK IT worker campaign. As detailed in the Trellix blog, North Korean operatives are masquerading as remote IT professionals, securing legitimate employment at target organizations. In one case, an individual using the alias “Kyle Lankford” applied for a senior engineering role at a U.S. healthcare provider, passing standard hiring steps (resume submission, coding assessment) without triggering any red flags. Because no malware, phishing links, or suspicious infrastructure were involved, traditional defenses would have missed the threat entirely; only proactive threat hunting and correlation with known DPRK indicators exposed the deception.

This trend represents a shift toward malware-less, insider-style intrusion. Once embedded, the actor gains access to internal systems, data, and supply chains, dramatically increasing the risk of intellectual property theft, malicious code insertion, and sanction-evading funding. Given these developments, defense postures must expand to include insider-threat programs, rigorous hiring vetting processes, continuous background checks, and intelligence-driven correlation of candidate credentials with known DPRK indicators.

In sum, DPRK cyber operations are deepening and diversifying, from phishing and espionage to employment-based infiltration, thus demanding a more dynamic, intelligence-led response from organizations and governments alike.

Given the ongoing DPRK IT worker campaigns, organizations must enhance their vigilance and defensive strategies against potential insider threats and supply chain compromises. The demonstrated risk highlights that remote hires and supply chain contributors can serve as significant attack vectors. A robust defense posture necessitates cross-functional coordination among cybersecurity, HR, legal, and procurement teams.

This collaborative effort should integrate technical monitoring, identity verification, and geopolitical awareness to create a comprehensive and cohesive security framework.

Tools and techniques

Analysis of the tactics, techniques, and procedures (TTPs) of APT groups observed during the period covered by this report indicates that actors are maturing and utilizing more sophisticated tooling.

• Living-off-the-land: The prevalence of legitimate administrative tools (Cmd 17.8%, PowerShell 17.1%) demonstrates mature operational security practices designed to evade detection. APT groups increasingly leverage trusted system utilities rather than custom malware, complicating detection efforts.

• Persistent access priority: Backdoors dominate tool usage (26.1%), indicating APT operations prioritize long-term persistence over immediate exploitation. This pattern aligns with intelligence collection objectives and strategic positioning for future operations.

• Technique standardization: Core MITRE techniques, such as  System Information Discovery (13.4%) and  Ingress Tool Transfer (13%), remain consistent across threat actors and time periods, indicating established operational procedures and mature tradecraft.

Use of MITRE techniques remained relatively stable, with System Information Discovery, Ingress Tool Transfer, and Web Protocols consistently ranking in the top positions. This stability indicates mature operational procedures across APT groups.

Implications

The analysis reveals a mature APT ecosystem with established tool preferences, continuous innovation, and clear alignment with strategic intelligence objectives. Organizations must implement layered defenses addressing both custom APT tools and legitimate tool abuse to effectively counter these sophisticated threats.

CISOs should emphasize behavioral and contextual detection over simple signature-based alerts, implementing robust baselining of normal activity, least-privilege access, and segmentation of administrative domains. Regular hunting for misuse of native tools (e.g., PowerShell, WMI, PsExec) and tight auditing of privileged accounts are critical.

Collaboration between SOC, IT, and threat intelligence teams ensures that subtle deviations, such as unusual command-line usage or lateral movement through legitimate credentials, are identified early.

Qilin: The new ransomware king

Qilin's rise to dominance represents one of the most significant shifts in the ransomware landscape. Qilin's targeting strategy shows a clear preference for industrial organizations (29.25% of their attacks), followed by consumer services (16.10%), and financials (9.52%). Healthcare accounts for 6.80% of their attacks. This pattern suggests an understanding of which sectors are most vulnerable and likely to pay ransoms quickly due to operational disruption concerns.

SafePay: The European specialist

SafePay has established itself as a significant threat actor with a distinctive geographic focus on European markets, particularly Germany, where they conducted 32 attacks within the last two quarters. 

The decline of established players

LockBit3's continued collapse: LockBit3, once the dominant force in ransomware, recorded only 19 posts during the Q2/Q3 2025 period—  a dramatic decline from their previous prominence. This represents less than 0.58% of total ransomware activity, confirming the lasting impact of sustained law enforcement actions. However, LockBit’s operators have recently signaled a comeback by advertising a new “LockBit 5” platform, a reminder that disrupted brands often attempt rapid reconstitution.

RansomHub and Cl0p absence: Notably absent from the H2 2025 landscape are RansomHub and Cl0p, both major players in H1 2025. RansomHub’s operations collapsed abruptly in early April following a rival incursion (claimed by DragonForce), public infighting, and the ensuing flight of affiliates. While some underground claims allude to law‑enforcement involvement, public evidence points primarily to inter‑gang conflict and loss of trust. Cl0p’s silence during this period similarly suggests their typical strategic pause.

Affected sectors

The industrial sector's dominance represents a significant strategic shift in ransomware targeting. With 890 attacks (36.57% of all identified sectors), industrial organizations face unprecedented risk. This concentration suggests ransomware groups have identified industrial operations as particularly vulnerable to disruption-based extortion.

Sector-specific insights

• Healthcare under continued pressure: Healthcare organizations faced 216 attacks, underscoring their heightened risk as critical infrastructure targets.

• Financial services resilience: While financial services experienced 239 attacks, the level of activity suggests either improved defensive measures or ransomware groups recognizing enhanced security in this sector.

• Technology sector vulnerability: With 211 attacks, technology companies remain attractive targets, likely due to their valuable intellectual property and potential for supply chain impacts.

Geographic distribution

The United States remains the primary target for ransomware activity (with 1,285 victims, approximately 55.46% of all geo-identified posts), but there are notable shifts in the international landscape.

Regional patterns

• North American focus: Combined US and Canadian attacks account for ~61% of all activity, suggesting ransomware groups view North America as the most lucrative target region.

• European diversification: European targets are spread across multiple countries, with the UK (105 attacks), Germany (101 attacks), and Italy/Spain (50 attacks each) representing the primary focus areas.

• Emerging market presence: Brazil (40 attacks) and India (33 attacks) indicate ransomware groups are expanding operations into rapidly developing economies.

Strategic implications and recommendations

For security leaders

Build defenses around behaviors, not brands. Emphasize early‑stage intrusion detection (credential misuse, LOLBins, lateral movement) over actor‑specific TTPs; monitor and constrain PowerShell, PsExec, and net; and prepare for rapid rebranding (e.g., the advertised “LockBit 5” revival) that changes names but not tradecraft.

Key defensive priorities

1. Industrial sector focus: Organizations in industrial sectors should implement enhanced monitoring and backup strategies, given their disproportionate targeting.

2. SME vulnerability: Small to medium-sized enterprises need accessible security solutions that provide enterprise-level protection.

3. Geographic considerations: US-based organizations should implement additional security measures given their increased targeting risk.

4. Emerging threat monitoring: Security teams should maintain awareness of new group emergence patterns and adapt defenses accordingly.

TTPs detected in ransomware campaigns

PowerShell emerged as the dominant attack vector, observed in 719 ransomware campaigns, representing 77.7% of all tool-based ransomware activity. This reflects the continued abuse of legitimate administrative tools for malicious purposes in the ransomware killchain.

Key attack patterns:

• Network Reconnaissance: SoftPerfect Network Scanner (54.2%)

• Lateral Movement: PsExec abuse (66.5%)

• Command Execution: Net commands (70.2%)

Implement PowerShell logging, constrained language mode, and application allowlisting. Monitor PsExec usage and restrict network scanning tools. Additionally, consider deploying PowerShell security frameworks, such as Antimalware Scan Interface (AMSI) bypass detection.

Ransomware

AI-powered chatbot

RaaS operators are increasingly adopting AI-powered malware and tools, demonstrating a commitment to innovation. Within the highly competitive ransomware landscape, RaaS groups must innovate to differentiate themselves from competitors and assure their affiliates of their contemporary relevance. Trellix has observed a growing number of new RaaS groups that appear to have integrated AI features into their ransomware services.

The GLOBAL RaaS group has recently incorporated an AI chatbot into its ransomware admin panel, enabling ransomware affiliates to analyze victim company data, including revenue and payment behavior, and to formulate effective negotiation strategies. The AI-based chatbot facilitates dynamic communication strategies with victims, allowing affiliates to demand realistic ransom amounts.

An AI chatbot used by another RaaS group, CHAOS, empowers ransomware affiliates to generate their own reusable victim chat notes or use a predefined template from the ransomware operator, thereby streamlining and optimizing communication with victims.

Post translation

Toggle translation

AI-based calling bot

Trellix observed the threat actor anongod offering an AI-powered calling bot on the RAMP underground forum for $2500 USD. This threat actor is known to be involved in ransomware operations and previously managed the Bl00Dy ransomware group.

The Auto-LLM spoofing call bot is based on a pre-trained AI language model and is designed for customer (aka victim) management. The bot facilitates automated calls to a list of phone numbers with predefined instructions. It is ideally suited for ransomware groups' calling services, where perpetrators contact high-ranking employees of victim companies to inform them of a file encryption and/or a data breach. Ransomware callers typically use predefined templates for initial contact with victim companies; this malicious tool eliminates the need for human callers, as the AI-powered spoofing bot automates the task.
Anongod stated the bot requires the installation of an Asterisk server (telephony server) and a SIP trunk (VoIP technology and streaming media service).

Trellix has seen the ransomware landscape demonstrably evolving in parallel with the proliferation of AI technologies. Cybercriminals are continually innovating and endeavoring to integrate AI-based technologies into their ransomware operations. By automating various facets of the ransomware business, such as incorporating an AI chatbot for victim negotiation or attempting to entirely replace human callers with AI-powered calling bots, ransomware groups are showcasing their adaptability to contemporary advancements. They are constantly modernizing their RaaS offerings to maintain relevance and a competitive advantage over other ransomware gangs.

XenWare AI-based ransomware

XenWare is a fully AI-generated ransomware that appeared in April 2025. It was developed by the Xanthorox AI platform, which positions itself as a next-generation malicious AI service distinct from conventional jailbroken LLMs. Xanthorox AI uses fine-tuned LLMs with uncensored response generation capabilities, running on self-hosted infrastructure rather than relying on API-based services like other malicious AI platforms.

The actor behind XenWare claims they have not touched a single line of code and that the Xanthorox AI did everything. They shared a sample of C++ based XenWare as a demonstration of Xanthorox AI capabilities on GitHub.

XenWare employs a sophisticated encryption methodology similar to LockBit ransomware, using a per-file AES-256 key subsequently encrypted by a master RSA-4096 key. Its aggressive multithreading capabilities facilitate rapid encryption across multiple storage drives concurrently. Furthermore, the integrated Telegram bot notification system furnishes immediate, remote confirmation of successful infection and provides critical victim details to the operator. 

Fully AI-generated XenWare offers a glimpse into the future evolution of ransomware, where even lower-tier cybercriminals, leveraging malicious LLMs, could create customized ransomware through simple prompting, eliminating the need for ransomware development. The versatility and adaptability of AI-based ransomware could facilitate more targeted attacks with elevated success rates, thereby increasing the overall impact and profitability of AI-driven ransomware operations.

Update incident response playbooks to address AI-powered ransomware scenarios, including protocols for identifying AI-driven negotiation tactics and automated calling bots. Train security teams to recognize the unique characteristics of AI-generated attack vectors, such as XenWare ransomware.

Other malware

LameHug Infostealer

In July 2025, CERT-UA disclosed the emergence of LameHug, the first publicly reported AI-powered information stealer. This infostealer was attributed to APT28 with moderate confidence.

LameHug represents a paradigm shift in malware development by integrating an LLM for dynamic command generation. The malware is written in Python and leverages the Hugging Face API to interact with Alibaba Cloud's Qwen 2.5-Coder-32B-Instruct model, an open-source LLM specifically designed for code generation and programming-related tasks. This architectural choice enables the malware to transform natural-language descriptions into executable Windows commands in real time, fundamentally altering traditional malware execution patterns.

The AI integration operates through a sophisticated prompt-based system where LameHug sends prompts to the LLM and receives dynamically generated command sequences tailored to specific reconnaissance and data exfiltration objectives.

The malware can generate complex multi-command sequences, including system information gathering through systeminfo, wmic queries for hardware enumeration, network configuration analysis via ipconfig, and user privilege assessment using whoami commands. This approach eliminates the need for hard-coded command sequences, making each infection instance unique in its execution. An example of LLM-generated commands based on LameHug’s hardcoded prompt is as follows:

LameHug's operational sophistication extends beyond simple command generation to encompass advanced evasion techniques that leverage AI-powered adaptability. The infostealer’s use of the Hugging Face infrastructure provides inherent stealth advantages, as communications with the LLM API appear as legitimate traffic to cloud-based AI services. This obfuscation technique makes network-based detection significantly more challenging, as security solutions must differentiate between legitimate AI service use and malicious command-generation activities.

The dynamic nature of AI-generated commands introduces unprecedented variability in malware behavior patterns. Traditional signature-based detection systems rely on recognizing specific command sequences or behavioral patterns. However, LameHug's ability to generate contextually appropriate yet unique command combinations for each deployment renders these detection methods largely ineffective.

The emergence of LameHug signals a fundamental shift in the cyberthreat landscape toward more autonomous, adaptive malware families. This development marks the beginning of a new era in which AI capabilities are directly integrated into malicious code execution, rather than merely supporting development or analysis phases. 

The malware's success in operational deployment against Ukrainian organizations demonstrates that AI-powered attack tools have transitioned from theoretical concepts to practical weapons in state-sponsored arsenals. This progression suggests that other threat actors will likely invest in similar capabilities, potentially accelerating the development of AI-enhanced malware families across the cyber threat landscape.

Implement monitoring of outbound connections to AI service APIs (particularly Hugging Face and cloud-based LLM platforms) from endpoints. This establishes baseline patterns to detect anomalous API calls that may indicate AI-powered command-generation activity.

AI-powered SMTP warming tool

The actor Chernomor has advertised an AI-powered SMTP warming tool on the BHF underground forum, representing a significant evolution in email-based threat capabilities. This tool leverages AI to create sophisticated, realistic email interaction patterns designed to manipulate email service provider reputation systems and bypass anti-spam defenses.

The advertised tool incorporates several AI-driven features that distinguish it from conventional SMTP warming solutions. The AI component operates via the Internet Message Access Protocol (IMAP) to generate what the actor describes as "realistic mail activity" that mimics genuine user behavior. This AI system is designed to read incoming emails, automatically move messages from spam folders to inboxes, apply appropriate labels, and mark emails as important — all actions that email service providers use as positive reputation signals.

The AI-powered tool’s sophistication is highlighted by its ability to support over 40 different conversation topics across more than 10 languages, suggesting the use of natural language processing capabilities to generate contextually appropriate email content and interactions. This multilingual and multi-topical approach indicates that the malicious tool can adapt its behavior patterns to different markets and cultural contexts, making the synthetic activity appear more authentic to email provider algorithms that analyze communication patterns for legitimacy indicators.

The commercialization of AI-enhanced SMTP warming tools represents a democratization of advanced email threat capabilities. At $700 USD for a one-time purchase with full source code included, this tool makes sophisticated email reputation manipulation accessible to a broader range of threat actors who may lack the technical expertise to develop such capabilities independently. The inclusion of Python-based source code is particularly concerning as it enables further customization and potentially the development of derivative malicious tools with enhanced capabilities.

The AI-based tool's compatibility with major email providers, including Gmail, Yahoo, Outlook, and corporate domains, indicates threat actors can now target the full spectrum of email infrastructure with AI-enhanced reputation manipulation techniques. This broad compatibility, combined with the AI's adaptive capabilities, suggests that traditional email security measures may need significant enhancement to detect and mitigate these advanced warming techniques.

The integration of AI technology into traditional SMTP warming techniques marks a concerning advancement in cybercriminal tooling that could substantially increase the effectiveness of malicious email and phishing campaigns.

The findings emphasize the urgent need for a strategic shift from a reactive, volume-based vulnerability management model to a proactive, threat-intelligence-driven, automated security posture. Organizations can no longer rely on a time buffer for patching or on traditional code review processes. The path forward requires a new security calculus: prioritizing remediation efforts based on active exploitation, securing the AI-powered development lifecycle with robust governance, and deploying AI-driven defense systems capable of operating at the speed of modern threats.

Strategically shift from traditional patching approaches to threat-intelligence-driven vulnerability management. Require organizations to prioritize active exploitation data over CVSS scores, implement automated security postures capable of responding to AI-generated exploits, and establish robust governance frameworks for securing AI-powered development lifecycles against sophisticated attack chains.

Key findings

The Trellix Advanced Research Center has prioritized a subset of the vast number of CVEs published annually for in-depth analysis. While the total number of disclosed vulnerabilities is substantial, projections for 2025 suggest 41,000 to 50,000 new CVEs, with over 32,000 CVE records published by the end of Q3 2025. 

The most common attack types observed were:

1. Remote Code Execution

2. Cross-Site Scripting

3. Memory Corruption

4. Elevation of Privilege

5. Path Traversal

Top vendors and exploitation trends

During Q2 - Q3 2025, threat actors continued to focus on foundational IT infrastructure, particularly operating systems and network devices. The targeting of security vendors observed in the previous period has also persisted.  

• Microsoft ecosystem targeted: 15 campaigns exploited vulnerabilities in Microsoft products, including Windows, SharePoint, and Office. The CVE-2025-53770 SharePoint zero-day was a notable finding, with 8.7K detections across 13 campaigns. Other vulnerabilities observed in the Microsoft ecosystem included CVE-2025-21293 (Active Directory), CVE-2025-33053 (Windows WebDAV), and CVE-2025-32717 (Word).  

• Focus on network infrastructure: Cisco was a target in 8 campaigns, with exploitation attempts against its ISE and Firewall products, including CVE-2025-20286 (Identity Services Engine) and CVE-2023-20198 (IOS XE Web UI). Fortinet products, including FortiSwitch and FortiVoice, were targeted in 5 campaigns, focusing on authentication bypass flaws and Remote Code Execution. Vulnerabilities such as CVE-2024-48887 (FortiSwitch) and CVE-2025-32756 (FortiVoice) were observed.  

• Enterprise applications and open-source software: Threat actors actively exploited vulnerabilities in enterprise applications and open-source software. Vulnerabilities in Xerox FreeFlow, Veeam Backup, and Roundcube Webmail, such as CVE-2025-23121 and CVE-2025-49113, were used for Remote Code Execution attacks. Legacy vulnerabilities remained a persistent threat, with high detection rates for CVE-2021-44228 (Log4Shell), CVE-2021-41773 (Apache HTTP), and CVE-2022-26134 (Atlassian Confluence).

Top five CVEs Trellix observed in our telemetry:

1. CVE-2021-44228: Apache Log4j2 Remote Code Execution (Log4Shell)
   This is a highly critical and widely publicized vulnerability affecting numerous versions of Apache Log4j2, a ubiquitous Java logging library. It allows for unauthenticated remote code execution (RCE), giving an attacker complete control over a compromised server. The widespread adoption of Log4j2 across a vast array of enterprise applications and services made this vulnerability exceptionally dangerous.

2. CVE-2022-26134: Atlassian Confluence Server and Data Center Remote Code Execution
   This critical-severity RCE vulnerability allows threat actors to bypass authentication and run arbitrary code on unpatched Confluence systems. Because Confluence is a widely used collaboration software, this vulnerability is particularly concerning for organizations.

3. CVE-2021-41773: Apache HTTP Server Directory Traversal and Remote Code Execution
   This vulnerability impacts the Apache HTTP Server, specifically involving a directory traversal flaw. Attackers can exploit this to access files outside the intended web root, potentially leading to remote code execution. This highlights the importance of proper server configuration and input validation.

4. CVE-2025-53770: SharePoint Zero-Day Vulnerability Exploitation Attempts
   This refers to observed exploitation attempts against a SharePoint zero-day vulnerability, meaning a vulnerability that was not publicly known or patched at the time of initial exploitation. CVE-2025-53770 is a critical RCE vulnerability affecting on-premises Microsoft SharePoint Servers, identified as a variant of the existing CVE-2025-49706.

5. CVE-2021-36934: Windows Elevation of Privilege (HiveNightmare/SeriousSAM)
   This vulnerability stems from overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. It allows a locally authenticated attacker to gain access to sensitive Hive files, which can lead to local privilege escalation and other security implications. This vulnerability, actively exploited in the wild under the moniker "ToolShell," allows unauthenticated attackers to gain complete access to SharePoint content, including file systems and internal configurations, and to execute arbitrary code remotely. SharePoint is a critical platform for many enterprises, making any zero-day vulnerability extremely dangerous. The observed patterns highlight the methods attackers use to gain control and extract sensitive information from these systems, underscoring the need for organizations to remain vigilant for unusual network traffic. The observed exploitation patterns include:
   • POST requests to / _layouts/15|16/ToolPane(.)aspx: These requests are associated with attempts to achieve remote code execution on SharePoint servers.
   • GET requests to / _layouts/15|16/spinstall*(.)aspx: These requests have been observed in connection with cryptographic secret exfiltration, suggesting attackers are trying to steal sensitive data from SharePoint installations.

Top five vulnerability types

Beyond the high-level attack vectors, an analysis of the specific CVEs observed in this period reveals certain underlying vulnerability types were particularly prevalent. The data indicates that threat actors are consistently targeting foundational weaknesses related to authentication, memory handling, and the software supply chain.

1. Supply chain: This vulnerability type was a major concern, given the rise in attacks targeting a component's entire supply chain. A clear example from this period is the CVE-2025-1568 vulnerability in Google's Gerrit, which was classified as a supply chain attack. The proliferation of vulnerabilities in development tools also highlights a growing awareness of these risks. 

2. Improper access control and authentication bypass: This category includes vulnerabilities that allow an attacker to bypass authentication mechanisms or access resources without proper authorization. A significant number of CVEs in the provided data fall into this category, including CVE-2025-52970 for Fortinet FortiWeb and CVE-2025-2825 for CrushFTP. The Cybersecurity and Infrastructure Security Agency (CISA) also added multiple vulnerabilities related to improper authentication to its Known Exploited Vulnerabilities (KEV) Catalog in June. 

3. Memory corruption: This broad class of vulnerabilities remains a top concern, as it often leads to remote code execution. Numerous examples were observed, such as a buffer overflow in Meshtastic Firmware (CVE-2025-24797) and a use-after-free vulnerability in the Linux Kernel (CVE-2025-21756). CISA also added several memory corruption vulnerabilities to its KEV Catalog in May, specifically targeting the Microsoft Windows DWM Core Library and Common Log File System (CLFS) Driver. 

4. Injection: Injection vulnerabilities allow attackers to inject their own data or commands into an application. This was a consistently prevalent threat, with examples ranging from SQL injection in Fortinet FortiWeb (CVE-2025-25257) to a command injection flaw in a Honeywell alarm control panel (CVE-2025-2605). This category also includes CVE-2025-4517, which is a Path Traversal vulnerability in Python's Tarfile library. 

5. Privilege escalation: These vulnerabilities allow an attacker to gain a higher level of access to a system than they were initially granted. Examples from the observed data include a privilege escalation flaw in the Sudo Project's sudo (CVE-2025-32463) and a vulnerability in Notepad++ Installer (CVE-2025-49144) that could be used for the same purpose.

The persistence of legacy vulnerabilities like Log4Shell alongside emerging zero-days reveals a critical blind spot in threat intelligence utilization: organizations are failing to correlate historical exploitation patterns with current attack campaigns. CISOs should implement threat intelligence-driven "vulnerability contextualization" frameworks that transform raw CVE data into actionable risk intelligence.

By mapping exploitation data against organizational attack surfaces, security teams can understand which vulnerabilities exist and which ones adversaries are actively targeting in similar environments.

Temporal analysis of CVE exploitation

The daily trend data for CVE exploitation attempts from April to September 2025 reveals a pattern of intense activity with notable peaks and valleys. The overall volume of mass exploitation campaigns declined significantly after the second quarter, consistent with the general 69% detection decline from April to September 2025. Analysis of our daily telemetry reveals a significant spike in exploitation attempts in late April, driven primarily by attacks targeting a legacy Apache HTTP Server vulnerability (CVE-2021-41773) and an Atlassian Confluence vulnerability (CVE-2021-26084).

While mass exploitation campaigns saw a decline, CISA continued to actively add exploited vulnerabilities to its KEV Catalog throughout the period, underscoring the ongoing threat. In May, CISA added five new vulnerabilities, including several for the Microsoft Windows DWM Core Library and Common Log File System (CLFS) Driver. The agency added five more in June, targeting products from ASUS and ConnectWise, and a specific webmail vulnerability in July. This dynamic indicates a shift from broad, mass-scale attacks to more targeted operations in the third quarter.

The AI factor: future projections

The rise of artificial intelligence is creating a fundamental shift in the vulnerability landscape. On one hand, AI-assisted programming is enabling developers to generate three to four times more code, but it is simultaneously introducing more complex and subtle vulnerabilities, such as a 322% increase in privilege escalation issues and a 153% increase in architectural design flaws. This paradoxical acceleration of both productivity and security debt is projected to continue, creating a "timebomb" that could compromise entire systems.  

Concurrently, threat actors are leveraging AI as a force multiplier. New research has demonstrated AI systems capable of generating a working exploit for a published CVE in just 10-15 minutes. This capability, which is already being used in the wild by AI-powered offensive frameworks, is collapsing the traditional window defenders have to patch systems. The projections for the next six months indicate that this dual-sided acceleration will continue, leading to a new class of attacks that are faster, more automated, and able to operate at a scale previously unseen, forcing a new approach to cybersecurity that is equally agile and proactive.

The convergence of AI-generated exploits and AI-introduced vulnerabilities creates a feedback loop that will exponentially accelerate cyber risk. CISOs must leverage predictive threat intelligence to treat AI as both a security control and a threat vector simultaneously.

Additionally, establish governance frameworks that use threat intelligence feeds to dynamically adjust security postures based on the evolution of AI capabilities rather than reactive responses to static threat models.