Full Report
Insights from public incidents, cloud telemetry, and investigations into how cloud risk evolved in 2025
Analysis Summary
# Incident Report: 2025 Cloud Threat Landscape Retrospective
## Executive Summary
In 2025, cloud security was characterized by the persistence of well-known risks—such as misconfigurations and exposed secrets—accounting for 80% of intrusions. While AI did not introduce new threat categories, it significantly expanded the attack surface and accelerated attacker workflows. The year was marked by systemic failures where weaknesses in shared infrastructure and trusted integrations led to cascading impacts across multiple organizations.
## Incident Details
- **Discovery Date:** Ongoing throughout 2025 (Reported April 2026)
- **Incident Date:** Calendar Year 2025
- **Affected Organization:** Multiple (Aggregated global telemetry)
- **Sector:** Cross-sector (Cloud-native, Development, AI)
- **Geography:** Global
## Timeline of Events
### Initial Access
- **Date/Time:** Various (2025)
- **Vector:** Exploitation of "Proven Cloud Risk Paths"
- **Details:** Roughly 80% of documented intrusions originated from vulnerabilities, exposed secrets (API keys/credentials), and cloud misconfigurations.
### Lateral Movement
- Attackers utilized shared infrastructure, trusted third-party integrations, and widely used software components to move across environment boundaries.
### Data Exfiltration/Impact
- **Data Exfiltration:** High-value workloads and sensitive data stores, particularly those connected to newly deployed AI pipelines.
- **Impact:** Systematic impact where a single point of failure in shared services affected numerous downstream customers.
### Detection & Response
- **Discovery:** Detected via cloud telemetry, Wiz Research investigations, and public disclosures of supply chain campaigns (e.g., *prt-scan* and *axios* NPM compromise).
- **Response Actions:** Focused on identity/entitlement remediation, rotation of exposed secrets, and securing CI/CD pipelines.
## Attack Methodology
- **Initial Access:** Misconfigurations, exposed secrets, and software vulnerabilities.
- **Persistence:** Maintaining access through compromised AI service identities and CI/CD integrations.
- **Privilege Escalation:** Exploiting "shared trust" relationships between cloud services.
- **Defense Evasion:** Leveraging AI-driven automation to blend in with legitimate administrative patterns.
- **Credential Access:** Harvesting API keys and secrets found in code repositories and environment variables.
- **Discovery:** Using AI-supported reconnaissance to map cloud-native dependencies and data paths.
- **Lateral Movement:** Moving through shared infrastructure and supply chain dependencies (e.g., NPM packages).
- **Collection:** Targeting AI data pipes and sensitive development environments.
- **Exfiltration:** Standard cloud data egress routes.
- **Impact:** Operational disruption via supply chain poisoning and large-scale data breaches.
## Impact Assessment
- **Financial:** Significant costs associated with supply chain remediations and systemic outages.
- **Data Breach:** High volume; focus shifted to data sets powering AI models.
- **Operational:** Disruption to development workflows (e.g., compromised NPM maintainer accounts).
- **Reputational:** High for providers of shared infrastructure and widely used open-source components.
## Indicators of Compromise
- **Network indicators:** Connections to hxxps[://]github[.]com and other developer platforms from unauthorized CI/CD runners.
- **File indicators:** Malicious NPM packages (e.g., compromised *axios* releases); malicious *prt-scan* scripts.
- **Behavioral indicators:** Unusual account activity by AI service identities; rapid automated reconnaissance following secret exposure.
## Response Actions
- **Containment:** Disabling compromised maintainer accounts on package registries; revoking leaked API tokens.
- **Eradication:** Patching vulnerabilities in shared infrastructure; removing malicious dependencies from software builds.
- **Recovery:** Restoring known-good versions of software packages; resetting trust boundaries between cloud identities.
## Lessons Learned
- **AI Expansion:** AI doesn't create new types of risk so much as it creates more surface area for old risks to hide.
- **Systemic Vulnerability:** Security is now dependent on the "relationships" between assets rather than the security of the assets in isolation.
- **Speed of Exploitation:** AI-driven automation has significantly shortened the window between a configuration error and its exploitation.
## Recommendations
- **Visibility:** Implement comprehensive visibility across cloud, development (CI/CD), and AI pipelines.
- **Secret Management:** Prioritize automated scanning for secrets to prevent the primary 80% entry vector.
- **Dependency Tracking:** Monitor software supply chains and third-party integrations for "cascading" risks.
- **Identity Security:** Audit AI service identities and permissions to ensure least-privilege access to high-value data.