Welcome to April 2025 Threat Highlight Report

April report covers

The report details an increased focus on AI security risks, cloud exposures, and persistent identity vulnerabilities, highlighting the ongoing evolution of threat tactics and the importance of strong defense measures. Additionally, there was the news about the CVE program which narrowly received funding approval from the US government, ensuring its continued operation amid concerns about the stability of US-led security initiatives. 

The key findings in the April 2025 Threat Highlight Report include:

1. The CVE program narrowly avoided shutdown and received last-minute funding approval from the US government, raising concerns about reliance on US-led security initiatives.
2. The incident prompted the launch of competing CVE programs by other organizations.
3. There are questions regarding the stability and reliability of US-funded security programs such as NVD and KEV.
4. The report highlights vulnerabilities in critical infrastructure, including a backdoor on over 16,000 Fortinet edge devices and a significant exploit involving SAP NetWeaver.
5. Ransomware activity decreased significantly this month, likely due to the conclusion of the C10p campaign.
6. Ongoing threats include vulnerabilities related to AI, cloud environments, and identity management.
7. There was an increased focus on advanced malware campaigns and exploitation techniques.
8. Detection and response capabilities have improved, but the evolving threat landscape necessitates continued vigilance.