Core Insights - Rapid7's Q3 2025 Threat Landscape Report highlights the evolving tactics of threat actors, emphasizing the acceleration of vulnerability exploitation and the rise of ransomware groups leveraging artificial intelligence [1][2][5] Vulnerability Exploitation - The total number of newly exploited vulnerabilities decreased by 21% from Q2 to Q3 2025, yet attackers are increasingly targeting older, unpatched vulnerabilities, including those over a decade old [2] - The exploitation of critical vulnerabilities in Microsoft SharePoint (CVE-2025-53770) and Cisco ASA/FTD products illustrates the urgent need for timely patching [3] Ransomware Activity - The number of active ransomware groups surged to 88 in Q3 2025, up from 65 in Q2 and 76 in Q1, indicating a significant increase in ransomware activity [4] - New alliances among ransomware groups, such as Qilin, SafePay, and WorldLeaks, are targeting various industries and employing innovative tactics like fileless operations and single-extortion data leaks [4] AI and Cyber Warfare - Generative AI is facilitating the creation of sophisticated phishing campaigns and adaptive malware, lowering barriers for cybercriminals [5] - Nation-state actors from Russia, China, and Iran are refining their tactics, focusing on supply chain and identity system attacks, which blur the lines between espionage and disruption [5] Report Overview - The Rapid7 Threat Landscape Report provides a comprehensive analysis of global adversary behavior, covering various threats from ransomware to state-sponsored operations and AI-driven attacks [7]

Company Overview - AvePoint has been in operation for over 20 years, starting in New Jersey and focusing on Microsoft SharePoint, an enterprise content management platform [2] - The company was the first to transition to the cloud when Microsoft launched SharePoint Online, recognizing early on in 2010 that SharePoint would become integral to Microsoft Office [2][3] - Currently, AvePoint is the largest player in global Microsoft Office cloud data management and governance [3] Industry Position - The company has established itself as a leader in the cloud data management and governance space, particularly in relation to Microsoft Office products [3]

Company Overview - Vanta, a startup specializing in software for managing compliance with cybersecurity and privacy standards, has achieved a valuation of approximately $4 billion following a recent $150 million fundraising round [1][5] - The company was co-founded in 2018 by Christina Cacioppo and Erik Goldman and has grown to over 1,000 employees [5] Financial Performance - The recent funding round reflects a significant valuation increase from $2.45 billion last year, indicating strong investor confidence and growth potential [1][5] - Vanta has raised a total of $504 million since 2021, with the company not utilizing any of the $150 million raised in the previous year [5] Market Position and Growth - Vanta serves over 12,000 customers, including major software companies like Atlassian and Snowflake, and is expanding its client base beyond the tech industry [4][5] - The company’s growth rate is comparable to leading SaaS companies, with increasing deal sizes and a growing number of clients [3] Industry Context - The increase in Vanta's valuation is indicative of ongoing corporate investments in cybersecurity tools, particularly in light of recent cyberattacks and vulnerabilities [2]

Security Vulnerability - A new zero-day vulnerability is under widespread attack in Microsoft SharePoint [1] Industry Impact - The tech industry is facing a critical security issue with the exploitation of a Microsoft SharePoint vulnerability [1]