In 2025, cybercriminals target organizations worldwide with identity attacks, cloud security breaches, and AI-powered cyberattacks. CrowdStrike 2025 Threat Hunting Report indicates that advanced threat actors are leveraging generative AI, cloud misconfiguration, and human identity weakness to perform cross-domain attacks that completely bypass traditional security controls.
Interactive cyber attacks increased 27% year over year, and 81% of attacks were malware-free, showing a trend to more low-profile, high-level techniques. eCrime groups are commonplace, making up 73% of attacks today, and cloud intrusions have increased 136% in the first half of 2025 compared to 2024. Vishing campaigns are increasing as well, breaking earlier yearly records within six months.
Read: Cybersecurity & Infrastructure Security Agency (CISA) on ransomware trends.
Generative AI Becomes a Powerful Tool for Cybercriminals
Generative AI has evolved from a special-purpose tool to a ubiquitous component of cyberattacks. Cybercriminals are using AI to create phishing campaigns, create synthetic identities, and even construct advanced malware. CrowdStrike has found a vulnerability, CVE-2025-3248, in Langflow AI, which is a highly used platform that is used to build AI agents, and was used by attackers for:
Persistence on the exploited systems
Credential access via AI-created phishing and synthetic identities
Malware deployment
North Korea-aligned group FAMOUS CHOLLIMA is one such time-honored case in point, having exploited over 320 organizations, a 220% year-to-date increase, using AI-created resumes, deepfake interviews, and bot-solved coding challenges.
Expert Insight: “Threat actors increasingly view AI as central infrastructure instead of a peripheral technology. Organizations need to keep AI security top of mind in defense,” CrowdStrike experts recommended.
CrowdStrike’s 2025 Threat Hunting Report comprehensively studies potential cyberattacks and shows how advanced attackers specifically target AI, cloud, and identity systems. The report also points to malware-free attacks on the rise, cloud-based attacks on the rise, and the use of generative AI to use for social engineering attacks.
According to CrowdStrike’s 2025 Threat Hunting Report (read the entire report here), threat actors are leveraging cross-domain tactics in order to outmaneuver typical defenses, and the organizations must thus exercise proactive monitoring and protection of identity.
Identity Exploitation Drives Cross-Domain Attacks
Attackers increasingly exploit human and process-based identity weaknesses to gain access across networks. CrowdStrike defines the SCATTERED SPIDER eCrime group as one that:
Uses ransomware within less than 24 hours of initial compromise
Uses vishing and help desk impersonation to bypass MFA
Gains long-lived access to SaaS tools such as IAM, document management, and data warehousing platforms
These identity-driven attacks can enable the attacker to migrate horizontally across domains, remain resident for extended periods, and exfiltrate sensitive information in bulk.
Real-World Measures to Mitigate AI, Cloud, and Identity Threats
CrowdStrike recommends that organizations adopt a multi-layered security approach to counter new cyber threats:
Secure Identity
Utilize phishing-resistant MFA (hardware tokens)
Enforce robust password policies and regular resets
Identify anomalous authentication activity in cloud, SaaS, and on-premises environments
Seal Cross-Domain Visibility Gaps
Organizations must adopt strategies that provide full visibility across endpoints, cloud environments, and identity systems. Threat actors are increasingly moving laterally across domains, exploiting blind spots in monitoring and detection. To address this:
Run XDR and gen-next SIEM tools to correlate endpoint, cloud, and identity platform telemetry
Detect lateral movement sooner and respond automatically
Secure Cloud as Foundation Infrastructure
Use Cloud-Native Application Protection Platforms (CNAPP) with continuous monitoring
Audit APIs, permissions, and configurations in real-time
Enforce least-privilege access
Prepare for AI-Driven Threats
Guard internal AI tools and workflows
Train employees to detect AI-aware social engineering techniques
Detect out-of-band AI usage patterns
Build Incident Readiness
Maintain isolated backups
Conduct regular tabletop exercises
Enable rapid containment and recovery in case of breach
Recommended external source: NIST Cloud Security Guidelines
A Look to the Future: The Future of Cybersecurity
With AI, cloud, and identity platforms more interconnected, cross-domain attacks will only increase. Firms that adopt AI threat monitoring, cloud-native security, and robust identity protection position themselves to compete most effectively. Researchers identify changing to comprehend attacker behavior, using advanced detection tools, and creating a cybersecurity awareness culture as the keys to staying ahead.
Read more: Cybersecurity Ventures: 2025 Global Threat Forecast.
For deeper insights on agentic AI governance, identity controls, and real‑world breach data, visit Cyber Tech Insights.
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
