Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every organization faces ransomware, but not every organization is prepared to handle it. The CrowdStrike State of Ransomware Survey explores the substantial gap between confidence in global businesses’ ransomware readiness and their actual preparedness — a gap poised to grow as adversaries use AI to launch faster, stealthier attacks.

The eCrime threat landscape in the Asia Pacific and Japan (APJ) region is quickly evolving, driven by a mix of regional and global adversaries. From Chinese-language underground marketplaces facilitating the sale of stolen data and illicit services, to a rise in AI-developed ransomware campaigns, threat actors across the region are seeking new ways to scale and accelerate their operations.

Nearly 40,000 vulnerabilities were disclosed in 2024.1 Security teams are overwhelmed, especially those relying on outdated tools. ExPRT.AI, the native intelligence engine embedded in CrowdStrike Falcon Exposure Management, is built to help teams prioritize which vulnerabilities are most urgent for them.

CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git repository cloning operations. This targeted attack chain poses a substantial risk to organizations running unpatched Git installations.

Adversaries move fast, and so must defenders. CrowdStrike is raising the bar for ChromeOS security with two major advancements in CrowdStrike Falcon Insight for ChromeOS. New automated response actions deliver rapid device containment, and expanded support for GovCloud designed to support customers working toward meeting high compliance standards.

Adversaries have shifted their tactics away from traditional malware and toward approaches that exploit the very tools organizations rely on. Instead of introducing malicious files that can be blocked outright, attackers weaponize legitimate applications such as built-in Windows utilities, remote monitoring and management (RMM) tools, file transfer software, and administrative programs.

Today marks a significant milestone in the technology landscape. As of October 14, 2025, Microsoft has officially ended support for non-LTSC releases of Windows 10, concluding one of the most widely adopted operating systems in history. From this point forward, the operating system will no longer receive security updates or feature patches by default. While Microsoft offers Extended Security Updates (ESUs) for Windows 10 version 22H2, these are temporary and designed as a bridge solution.

We are thrilled to announce that CrowdStrike Falcon Next-Gen SIEM has been named a Visionary in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM). Falcon Next-Gen SIEM is reimagining SIEM with AI, real-time data, and a unified platform approach, delivering the automation, speed, and control to transform SOC operations and power the agentic SOC.

CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications for the purposes of data exfiltration. CrowdStrike Intelligence assesses with moderate confidence that GRACEFUL SPIDER is likely involved in this campaign but cannot rule out the possibility that multiple threat actors have exploited CVE-2025-61882.

We are living through the fourth industrial revolution: the age of AI. Just as with the steam, electricity, and the digital revolutions that preceded it, this leap forward requires a parallel leap in security. AI is transforming how businesses operate and how adversaries attack. They are moving at machine speed, compressing the defender’s response window from weeks to mere seconds.