In the second half of 2025, cybersecurity remained a strategic priority for organizations of all sizes. Cybersecurity news between July and November featured a combination of sophisticated attacks (with increasing use of artificial intelligence), new regulations, and the rapid adoption of automated, AI-based defensive solutions. In this newsletter, we offer you a clear and practical summary of the most relevant information so that you can understand the risks, trends, and best responses your company can implement today.
1. Attacks and vectors that marked the period
During these past months, incidents were detected that reflect the tactical evolution of attackers:
- Ransomware and data exfiltration: Groups are not only encrypting data; they have prioritized data theft and publication as a means of extortion. This increases regulatory and reputational pressure on victims.
- AI-powered phishing: Generative AI improved the credibility of emails and messages, increasing the effectiveness of spear phishing targeting employees with access to critical systems.
- Infrastructure compromise and virtualization: There were cases where attackers shut down virtual machines (e.g., ESXi environments) before encrypting, increasing the operational impact.
- Regional campaigns in LATAM: Sectors such as tourism and education were particularly exposed; campaigns against hotel chains were observed with Trojans installed through fake reservations.
2. Regulations and policies that advanced
The second half of 2025 saw the promotion of important regulatory frameworks:
- US: Increased regulatory focus on AI security and strengthened standards for state agencies (multifactor authentication, incident reporting).
- Latin America: National projects and strategies (cybersecurity plans, creation or strengthening of national authorities and CERTs) and bilateral agreements to share intelligence and harmonize data protection rules.
3. Emerging technologies and defenses
The solutions that gained traction during this period help mitigate the risks described above:
- AI platforms for proactive detection: XDR, DSPM, and tools that integrate behavioral analysis and dynamic blocking of access to sensitive data.
- Adoption of Zero Trust and SASE: Broader implementation to reduce the attack surface and segment access.
- Post-quantum cryptography (planning): Critical organizations began migration and evaluation initiatives.
- Automation and response orchestration (SOAR): Reduction in containment time and improved coordination between internal teams and external providers.
4. New adversary tactics and practical recommendations
Trends observed and actions we recommend:
- Trend: Increased use of AI to create hyper-personalized messages.
  Recommendation: Continuous training in social engineering and controlled phishing tests with PTaaS (Pentesting as a Service).
- Trend: Attacks targeting OT/ICS environments in Latin America.
  Recommendation: OT network segmentation, constant monitoring, and specialized security testing.
- Trend: Stricter regulations and reporting requirements.
  Recommendation: Review incident response and compliance processes; evaluate cyber insurance and schedule regular audits.
Why this matters to your organization
Cybersecurity news from the last six months shows that risks are not only increasing, but also changing shape. The combination of AI, data theft as a new form of extortion, and regulatory pressure requires a comprehensive strategy: prevention (hardening, patches, MFA), detection (XDR, threat intelligence), and response (playbooks, periodic testing). In addition, cooperation (intelligence sharing and public-private partnerships) is key to increasing regional resilience.
Conclusion
The second half of 2025 left clear lessons: defense is no longer just technology; it is process, governance, and community. Organizations that integrate secure automation, continuous testing, and a compliance framework will be better prepared. In addition, responsible AI adoption (with controls and policies) is urgent to minimize leaks and misuse.
Learn how our comprehensive platform, PTaaS, and Bug Bounty programs can protect your business from today’s threats. Contact us for an initial assessment and turn information into effective security.



