The Evolution of AI Security Threats in 2025

As AI technologies continue to advance, the landscape of cybersecurity threats is also evolving. According to a recent report by X-Force, the integration of AI into business functions has dramatically increased, with 72% of companies adopting AI in 2024, up 55% from the previous year. This growth in AI adoption has opened up new attack surfaces, leading security researchers to race against time to identify and address vulnerabilities before malicious actors exploit them.

New AI Attack Toolkits on the Horizon

X-Force predicts that once AI technologies reach market dominance, attackers will invest in attack toolkits targeting AI models and solutions. While we may not be there yet, the rise of gen AI and other emerging technologies is creating new vulnerabilities for cybercriminals to exploit. Recent incidents, such as the discovery of an active attack campaign targeting a widely used open source AI framework, highlight the growing risks associated with AI security.

Key Findings from X-Force

• Legacy Technology Vulnerabilities: Critical infrastructure organizations continue to face challenges due to reliance on legacy technology and slow patching cycles. Cybercriminals have exploited vulnerabilities in more than one-quarter of incidents responded to by IBM X-Force, with nation-state adversaries posing a significant threat.
• Ransomware on the Rise: Ransomware attacks have increased by 25% year-over-year, with threat actors targeting both Windows and Linux platforms. While ransomware remains a major threat vector, attackers are now using multiple extortion tactics to maximize their impact.
• Phishing Attacks: Although overall phishing attacks have decreased, there has been an 84% spike in phishing emails delivering infostealers. Stolen credentials from phishing attacks are being used in identity-based attacks, posing a significant risk to organizations.
• Endpoint Security Challenges: Threat actors are now using phishing as a shadow vector to deliver infostealer malware, leading to an 84% increase in infostealers delivered via phishing in 2024. Advanced detection technologies have forced attackers to pivot to faster exit paths, resulting in more data theft incidents.
• Linux Vulnerabilities: Red Hat Enterprise Linux customers are facing critical CVEs left unaddressed, with ransomware families now supporting both Windows and Linux versions of their malware. This trend highlights the need for organizations to prioritize patch management and security updates.
• Manufacturing Sector Targeted: The manufacturing industry continues to be the most attacked sector, with ransomware cases on the rise. Encryption remains a crucial defense mechanism for this industry due to its low tolerance for downtime.

As the cybersecurity landscape continues to evolve, organizations must stay vigilant and proactive in addressing emerging threats. By prioritizing AI security, patch management, and employee awareness training, businesses can mitigate the risks associated with evolving cyber threats in 2025.