Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securonix Threat Labs Monthly Intelligence Insights - August 2025

The Monthly Intelligence Insights provides a summary of top threats curated, monitored, and analyzed by Securonix Threat Labs in August 2025. The report additionally provides a synopsis of the threats; indicators of compromise (IoCs); tactics, techniques, and procedures (TTPs); and related tags. Each threat has a comprehensive summary from Threat Labs and search queries from the Threat Research team.

How Managed Bot Protection Shields SaaS Businesses

In the first half of 2025 alone, AppTrana blocked over 64 million bot attacks across industries, a number that highlights how automated abuse has become a daily battle for digital businesses. With 30,000+ SaaS providers powering the workflows of 14 billion users worldwide, SaaS sits at the core of digital transformation, making it a prime target for credential stuffing, account takeover, API abuse, and other bot-driven exploits.

Strengthen GRC with cybersecurity: Safeguard against emerging threats

Organizations are faced with an increasingly complex and rapidly evolving threat environment. Cybersecurity plays a vital role in governance, risk management, and compliance (GRC), serving as a critical safeguard against emerging threats. As organizations integrate robust cybersecurity measures within their GRC frameworks, they are better positioned to protect their data, maintain operational integrity, and ensure compliance with regulatory requirements.

How to Choose the Right Cloud DDoS Solution for Enterprise Security

Enterprise DDoS attacks reached critical levels in 2025, with authoritative reports documenting unprecedented attack volumes and sophistication. Global cybercrime costs are projected to reach $10.5 trillion annually by 2025, representing the greatest transfer of economic wealth in history. Selecting the wrong cloud DDoS protection creates operational disruption, compliance violations, and irreversible business damage.

LLM Security in 2025: Risks, Mitigations & What's Next

Large language model (LLM) security refers to the strategies and practices that protect the confidentiality, integrity, and availability of AI systems that use large language models. These models, such as OpenAI’s GPT series, are trained on vast datasets and can generate, translate, summarize, and analyze text. However, like any complex software component, LLMs present unique attack surfaces because they can be influenced by the data they process and the prompts they receive from users.

How KeeperPAM Replaces Traditional ZTNA Solutions

Most Zero Trust Network Access (ZTNA) solutions claim to eliminate perimeter-based security risks, but many actually introduce new vulnerabilities. At the DEF CON hacking conference in August 2025, researchers revealed significant flaws in several popular ZTNA products, including authentication bypasses and credential leakage.

Privacy Concerns with AI in Healthcare: 2025 Regulatory Insight

Healthcare has always been one of the toughest environments for maintaining privacy. Now add AI assistants, retrieval-augmented generation, and multimodal inputs like clinical images and voice notes. Sensitive information travels farther and faster than ever before, and the fallout from a single leak can be devastating, affecting clinical, legal, and reputational aspects. The question for 2025 is simple: how do we harness the advantages of AI without compromising private health data?

LimaCharlie Search Brings SIEM Experience to Open Beta

LimaCharlie is opening its advanced Search feature for beta testing. For current SecOps Cloud Platform users, Search brings a SIEM-like experience to their integrated security stack. For those new to LimaCharlie, our SecOps platform centralizes security tooling and third-party resources while providing limitless cloud scaling and native multi-tenancy. We also provide a free rolling year of telemetry storage.

CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)

CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications for the purposes of data exfiltration. CrowdStrike Intelligence assesses with moderate confidence that GRACEFUL SPIDER is likely involved in this campaign but cannot rule out the possibility that multiple threat actors have exploited CVE-2025-61882.