Navigating Emerging Threats: What Security Teams Must Watch in Late 2025

As 2025 progresses, threat actors are pushing new boundaries – leveraging AI, exploiting cloud and SaaS weaknesses, and refining social engineering tactics. For defenders, staying ahead means understanding not only what's happening now, but also anticipating what's coming next.

In this post, we examine several high-risk trends and campaigns making waves in the threat landscape today, and explore how ThreatGrid can help you detect, analyze, and respond.

AI-and Prompt-Injection Attacks – The weaponization of Generative Systems

What's happening

• Attackers are embedding hidden instructions ("prompt injections") within seemingly innocuous text or documents to influence the behavior of large language models (LLMs) or AI agents.
• These injections can manipulate AI systems to leak system data, execute unauthorized actions, or sidestep intent controls.
• As more organizations integrate generative AI in business workflows (chatbots, automation, document tools), the attack surface widens.

Why it matters

• Traditional sandboxing or static detection often fails to capture these nuances because the "attack" is embedded at the semantic or instruction-processing level, not as a malicious binary.
• A successful prompt injection might not raid obvious alarms but can subtly subvert AI agents used in business purposes.

What to do

• Monitor and sanitize user and system inputs being processed by AI systems.
• Employ prompt-hardening techniques (e.g., guardrails, prompt validation, determinism).
• Use behavior monitoring to detect unexpected downstream actions of AI agents.

TheatGrid's sandbox + behavioral analysis engine can help here: by capturing anomalous downstream actions triggered by AI agents, you can correlate odd or malicious behavior even when the primary artifact looked benign.

SaaS Breach & Extortion Campaigns – The Rise of ShinyHunters / Scattered Spider

What's happening

• The criminal groups ShinyHunters and Scattered Spider have been linked to large-scale data theft campaigns targeting Salesforce instances, OAuth / token abuse, and voice/social engineering (vishing) lures.
• In one campaign (UNC6395), attackers used stolen OAuth tokens from Salesloft / Drift integrations to exfiltrate data across hundreds of Salesforce organizations.
• The group also impersonates IT support, uses voice phishing, and lures employees into installing malicious tools to extract sensitive cloud data.

Why it matters

• SaaS environments are ubiquitous and often trusted implicitly. When attackers compromise identities or tokens, they can bypass many traditional controls.
• The scale is alarming: one campaign reportedly impacted 760 companies, exfiltrating over 1.5 billion records.

What to do

• Enforce least privilege and strictly control token scopes in SaaS integrations.
• Monitor token-based activities (refresh, abnormal patterns) and create alerts for unusual OAuth behavior.
• Enable anomaly detection on SaaS usage, especially around data exports or bulk operations.
• Treat SaaS configuration and identity hygiene as part of your perimeter.

ThreatGrid can help by analyzing suspicious binaries or scripts tied to these campaigns, correlating IOCs (e.g. IPs, domains) and integrating with SIEM/SOAR for enrichment and alerting.

Extortion of Enterprise Software Customers – The Oracle / Cl0p Campaign

What's happening

• Attackers tied to Cl0p ransomware are reportedly targeting Oracle E-Business Suite customers with extortion emails.
• The campaign appears to exploit known vulnerabilities or misconfigurations in Oracle systems and threaten data leaks or further damage unless ransom demands are met.

Why it matters

• Legacy enterprise applications remain high-value targets due to their deep access within organizations.
• Even firms with modern stacks may use older systems in back offices – often with weak patching or configuration oversight.

What to do

• Immediately verify and path all Oracle / ERP systems, including dependencies and third-party plugins.
• Monitor for suspicious access patterns, unexpected data transfers, or unknown modules loaded in such systems.
• Segment and micro-isolate legacy systems where possible.

ThreatGrid's sandboxing and behavioral signature generation can play a role in validating suspicious modules or scripts against your enterprise stacks, helping disconnect real threats from false positives.

Industrial & OT Systems Exposure

What’s happening

• More than 200,000 industrial systems are projected to be publicly exposed (e.g. ICS, SCADA, sensors) by end of 2025.
• Many of these systems lack basic authentication, use default credentials, or run outdated firmware with critical vulnerabilities.

Why it matters

• These systems control critical infrastructure — disruptions can cascade into physical consequences (power outages, water systems failure).
• Attackers targeting OT often aim for high-impact effects with lower risk of detection.

What to do

• Immediately inventory all exposed OT / ICS systems and close public access (VLAN segmentation, VPN tunnels only).
• Enforce strict access controls, multifactor authentication, and anomaly monitoring on OT traffic.
• Use network-based intrusion detection tailored for OT protocols (Modbus, DNP3, etc.).

ThreatGrid may not operate inside OT environments directly, but integration with network telemetry can help identify the malware patterns that bridge from IT to OT.

5. Evolving Threat Landscape & Trends

Automation, AI, and credential theft

• Attacks are becoming industrialized — automated scanning, credential stuffing, and exploitation at scale. Fortinet reports over 97B exploitation attempts and sees a 42% year-over-year surge in stolen credentials.
• Zero-day, fileless, and living-off-the-land (LOTL) techniques continue gaining ground.

Shadow AI & identity as perimeter

• Organizations are grappling with shadow AI — unsanctioned generative models running inside corporate environments without oversight.
• Identity is increasingly the new perimeter. Creds, tokens, and identity-based exploits form the front line of many attacks.

Quantum readiness

• While full-scale quantum decryption isn’t here yet, adversaries may be stockpiling encrypted data now to crack later.
• Businesses are beginning the shift toward crypto agility and post-quantum algorithms.

Why ThreatGrid Is Still Crucial

• Behavioral detection over signature reliance: Many of these threats (prompt injection, AI-based attacks, token abuse) defy static signature detection. ThreatGrid’s sandbox + behavior engine helps surface anomalous activity, even from novel threats.
• Correlation & context: Tie together artifacts, IOCs, attack campaign telemetry to understand the bigger picture.
• Automation & orchestration: Scale defenses in high-volume environments—automatically triage, enrich, and escalate suspicious artifacts.
• Continuous adaptivity: As threat actors shift tactics, ThreatGrid can help you iterate and refine detection through feedback loops.

Conclusion & Action Plan

To stay resilient in this shifting landscape, security teams should:

1. Reassess AI-powered systems in your stack for prompt injection or misuse.
2. Harden SaaS identity and token controls; monitor for anomalous exports or token refresh.
3. Patch and isolate legacy enterprise systems (ERP, Oracle, etc.).
4. Lock down OT systems and remove public access points, applying strict authentication and network segmentation.
5. Adopt a behavior-centric, context-driven detection mindset (not just signatures).
6. Plan for crypto agility—prepare for the quantum future now.