Attackers target public-facing applications over ransomware in 2025
In late 2025, attackers shifted their focus from high-volume ransomware campaigns to breaking into public-facing applications, according to analysis cited by Telecoms Tech News. Exploiting internet-exposed APIs and web services became the leading way into corporate systems.
The change reflects how digital transformation is erasing the boundary between internal networks and the public internet. As organisations roll out more revenue-generating online services, they unintentionally widen the attack surface. Security teams now have to treat every new external-facing application as a likely entry point, not a side project.
More from Security
Authorities in the US, Canada and Germany have shut down infrastructure behind four major IoT botnets that hijacked more than 3 million devices worldw...
Acalvio has introduced 360 Deception, a new cyber defence tool aimed at disrupting AI-driven attack automation. The company positions the product as a...
Finnish operator Elisa has reworked how it runs its network by folding cybersecurity directly into day-to-day operations. Instead of treating security...
Siemens and Palo Alto Networks have combined their products to offer an AI-based cybersecurity package for industrial 5G networks. The setup pairs Sie...
Mobile operators are confronting a new security problem: hostile forces can use commercial cellular networks to control and coordinate unmanned aerial...
Bharti Airtel and cloud security firm Zscaler are setting up an AI-driven cyber threat research centre in India, aiming to shore up defences for criti...