Experts Unpack The Biggest Cybersecurity Surprises Of 2025
HelpNet Security, Thursday, July 10th, 2025
2025 has been a busy year for cybersecurity. From unexpected attacks to new tactics by threat groups, a lot has caught experts off guard. We asked cybersecurity leaders to share the biggest surprises they've seen so far this year and what those surprises might mean for the rest of us.
The biggest cybersecurity surprise of 2025 has been the speed and sophistication of AI-powered Business Email Compromise, specifically the pivot away from email alone.
We've seen attackers evolve from phishing emails to full-spectrum impersonation: AI-generated voices and even deepfake videos used in live calls or voicemails to impersonate executives. In one case, a client's finance lead received a Teams voice message (seemingly from the CFO) urgently requesting a funds transfer. The tone, cadence, and verbal ticks were eerily accurate. Only after a manual call-back to the actual CFO was the fraud caught in time.