{"id":173575,"date":"2026-01-01T03:30:00","date_gmt":"2026-01-01T08:30:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/01\/infosecuritys-top-10-cybersecurity-stories-of-2025\/"},"modified":"2026-01-01T04:25:09","modified_gmt":"2026-01-01T09:25:09","slug":"infosecuritys-top-10-cybersecurity-stories-of-2025","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/01\/infosecuritys-top-10-cybersecurity-stories-of-2025\/","title":{"rendered":"Infosecurity&#8217;s Top 10 Cybersecurity Stories of 2025"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/infosecurity-top-10-stories-2025\/\">Infosecurity&#8217;s Top 10 Cybersecurity Stories of 2025<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/infosecurity-top-10-stories-2025\/\">https:\/\/www.infosecurity-magazine.com\/news\/infosecurity-top-10-stories-2025\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-01-01 03:30:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>
Cybersecurity dominated headlines throughout 2025, with a year marked by high-profile breaches, evolving attack techniques and major shifts in industry practices.<\/p>\n<p>From critical zero-day vulnerabilities and supply chain threats to AI-driven risks and vendor shake-ups, the security landscape has been anything but static.<\/p>\n<p>In this roundup, we\u2019ll dive into some of Infosecurity Magazine\u2019s most-read stories of the year, covering the incidents, innovations and trends that shaped the conversation in cybersecurity.<\/p>\n<p>Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test <\/p>\n<p>Read the story here<\/p>\n<p>Three major cybersecurity firms, Microsoft, SentinelOne and Palo Alto Networks, did not participate in MITRE\u2019s 2025 ATT&#038;CK Evaluations. Microsoft exited in June 2025, with SentinelOne and Palo Alto following.<\/p>\n<p>Industry analysts suggested that increasing test complexity, along with concerns that the evaluations have become more of a promotional exercise than a genuine security benchmark, contributed to their withdrawal.<\/p>\n<p>MITRE&#8217;s CTO, Charles Clancy, emphasized that the annual ATT&#038;CK Evaluations, which began in 2019 to create consistency in security solution testing, are intentionally made progressively tougher to drive industry improvements. He acknowledged this year\u2019s test may have been overly demanding. 
MITRE plans to reinstate a vendor forum to prepare for the test before the 2026 cycle to rebuild industry confidence.<\/p>\n<p>Criminal Proxy Network Infects Thousands of IoT Devices <\/p>\n<p>Read the story here<\/p>\n<p>A criminal proxy network infected thousands of internet-of-things (IoT) and end-of-life consumer devices worldwide, primarily residing in an infrastructure based in Turkey, turning them into an open \u201cproxy-for-rent\u201d service that enables anonymous malicious activities like ad fraud, distributed denial-of-service (DDoS), brute\u2011force attacks and data exploitation.<\/p>\n<p>Although law enforcement and Lumen&#8217;s Black Lotus Labs disrupted parts of the criminal network\u2019s command\u2011and\u2011control infrastructure, the persistence of vulnerable, unpatched devices means similar threats are likely to endure.<\/p>\n<p>NIST Launches Metric to Measure Likelihood of Vulnerability Exploits<\/p>\n<p>Read the story here<\/p>\n<p>In May, NIST introduced a new metric called Likely Exploited Vulnerabilities (LEV), which builds on the Exploit Prediction Scoring System (EPSS) to statistically estimate whether a CVE has already been exploited, using historical EPSS data and Known Exploited Vulnerabilities (KEV) list information.<\/p>\n<p>Designed to enhance vulnerability prioritization, LEV provides detailed insights, such as peak EPSS scores, dates and daily probabilities, enabling organizations to better identify and remediate the most likely exploited vulnerabilities.<\/p>\n<p>New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls<\/p>\n<p>Read the story here<\/p>\n<p>In early 2025, a newly surfaced hacking group known as \u2018Belsen Group\u2019 emerged and leaked VPN credentials, admin usernames (some in plaintext), device certificates and firewall rules for around 15,000 FortiGate firewall units, most running FortiOS 7.0.x and 7.2.x, via a Tor-accessible dump on the dark web.<\/p>\n<p>The data, believed to stem from a 2022 
zero\u2011day exploit (CVE\u20112022\u201140684), was confirmed authentic by CloudSEK and security researchers, prompting urgent credential rotation and patching efforts from affected organizations.<\/p>\n<p>Hackers Weaponize QR Codes in New \u2018Quishing\u2019 Attacks <\/p>\n<p>Read the story here<\/p>\n<p>Cybercriminals are increasingly using QR codes in phishing campaigns, dubbed \u2018quishing\u2019, to bypass email security filters and trick victims into scanning malicious codes that lead to credential theft or malware downloads.<\/p>\n<p>Researchers have warned that the tactic is gaining traction because QR codes are harder for traditional security tools to analyze than standard URLs.<\/p>\n<p>Open Source Community Thwarts Massive npm Supply Chain Attack<\/p>\n<p>Read the story here<\/p>\n<p>A potential npm supply chain disaster was averted in record time after attackers took over a verified developer\u2019s credentials. The result was a crypto-clipper payload implanted in malicious packages published via the compromised developer\u2019s npm account.<\/p>\n<p>A crypto clipper steals funds by swapping wallet addresses in network requests and directly hijacking crypto transactions.<\/p>\n<p>Just hours after the compromise was confirmed, all impacted versions of the npm packages had been taken down. While many people started calling this hack the \u201cbiggest supply chain attack in history\u201d, others praised the speed of the open source community\u2019s response.<\/p>\n<p>Grok-4 Jailbroken Two Days After Release Using Combined Attack <\/p>\n<p>Read the story here<\/p>\n<p>Just two days after its launch, Grok-4 was jailbroken using a new attack method developed by NeuralTrust researchers. They combined two existing strategies, Echo Chamber and Crescendo, to bypass the model\u2019s safety systems without using overtly malicious prompts.<\/p>\n<p>The goal was to test if the large language model (LLM) could be manipulated into giving illegal instructions. 
In this case, the researchers successfully got Grok-4 to provide step-by-step directions for making a Molotov cocktail, a scenario previously used in Crescendo\u2019s original research.<\/p>\n<p>AI Hallucinations Create \u201cSlopsquatting\u201d Supply Chain Threat<\/p>\n<p>Read the story here<\/p>\n<p>In April, security experts warned that developers using LLMs for code generation may face a new supply chain attack dubbed \u201cslopsquatting.\u201d Coined by Python Software Foundation (PSF) developer in residence, Seth Larson, the term refers to attackers exploiting LLMs\u2019 tendency to hallucinate non-existent software packages.<\/p>\n<p>A threat actor can publish a malicious package matching the hallucinated name in official repositories. When other developers prompt the same LLM, they may unknowingly install the fake package. Research from Virginia Tech and other universities tested 16 LLMs with 576,000 Python and JavaScript samples, highlighting the risk\u2019s plausibility as on average a fifth of recommended packages did not exist.<\/p>\n<p>OWASP Launches Agentic AI Security Guidance <\/p>\n<p>Read the story here<\/p>\n<p>OWASP released the Securing Agentic Applications Guide v1.0 in July. The guidance offered practical security recommendations for developers building AI agents powered by LLMs.<\/p>\n<p>It looks to address emerging risks as AI systems become more autonomous, tool-using and multi-agent, operating without human prompts and adapting dynamically. 
This autonomy introduces significant security concerns, particularly in areas like code generation and system configuration, and could enable cybercriminals to automate attacks such as account takeovers.<\/p>\n<p>The resource aims to help AI\/ML engineers, software developers and security professionals mitigate these risks.<\/p>\n<p>Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls<\/p>\n<p>Read the story here<\/p>\n<p>At the start of 2025, Fortinet disclosed a critical zero-day vulnerability (CVE-2024-55591) in FortiGate firewalls and FortiProxy, rated CVSS 9.6 and actively exploited in the wild.<\/p>\n<p>The flaw enables authentication bypass and follows reports from Arctic Wolf of a large-scale exploitation campaign targeting exposed FortiGate management interfaces since December 2024.<\/p>\n<p>Compare the top 2025 stories to last year\u2019s most read here.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Infosecurity&#8217;s Top 10 Cybersecurity Stories of 2025 https:\/\/www.infosecurity-magazine.com\/news\/infosecurity-top-10-stories-2025\/ Publish Date: 2026-01-01 03:30:00 Source Domain: 
www.infosecurity-magazine.com&#8230;<\/p>\n","protected":false},"author":1,"featured_media":173576,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/47c2dfb6-fda7-42e3-882e-514f54026ba6.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,18,17,32,25,34,27],"class_list":["post-173575","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-large-language-model","tag-llm","tag-malware","tag-phishing","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/173575"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=173575"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/173575\/revisions"}],"predecessor-version":[{"id":173577,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/173575\/revisions\/173577"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/173576"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=173575"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=173575"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.ph
p\/wp-json\/wp\/v2\/tags?post=173575"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}