Core Insights - Rapid7's Q3 2025 Threat Landscape Report highlights the evolving tactics of threat actors, emphasizing the acceleration of vulnerability exploitation and the rise of ransomware groups leveraging artificial intelligence [1][2][5] Vulnerability Exploitation - The total number of newly exploited vulnerabilities decreased by 21% from Q2 to Q3 2025, yet attackers are increasingly targeting older, unpatched vulnerabilities, including those over a decade old [2] - The exploitation of critical vulnerabilities in Microsoft SharePoint (CVE-2025-53770) and Cisco ASA/FTD products illustrates the urgent need for timely patching [3] Ransomware Activity - The number of active ransomware groups surged to 88 in Q3 2025, up from 65 in Q2 and 76 in Q1, indicating a significant increase in ransomware activity [4] - New alliances among ransomware groups, such as Qilin, SafePay, and WorldLeaks, are targeting various industries and employing innovative tactics like fileless operations and single-extortion data leaks [4] AI and Cyber Warfare - Generative AI is facilitating the creation of sophisticated phishing campaigns and adaptive malware, lowering barriers for cybercriminals [5] - Nation-state actors from Russia, China, and Iran are refining their tactics, focusing on supply chain and identity system attacks, which blur the lines between espionage and disruption [5] Report Overview - The Rapid7 Threat Landscape Report provides a comprehensive analysis of global adversary behavior, covering various threats from ransomware to state-sponsored operations and AI-driven attacks [7]