In the first half of 2025 alone, cloud intrusions were up 136% compared to all of 2024. China was a big driver — CrowdStrike saw a 40% year-over-year surge in intrusions from suspected cloud-conscious China-nexus threat actors. In the government sector, interactive intrusions increased 71%, and targeted intrusion activity jumped 185%.

The CrowdStrike OverWatch threat hunting team has a firsthand look at how adversaries are changing their techniques. In the CrowdStrike 2025 Threat Hunting Report, published today, the team shares observations, trends, and shifts seen in its threat hunting and adversary engagements over the past 12 months.

In this episode, Adam and Cristian dive deep into the report’s key findings and put them into context. They explore why the use of malware is going down (and why it won’t go away), unpack the rise in government intrusions, and explain the role of generative AI (GenAI) in today’s threat landscape. They examine the rise of prolific adversaries such as SCATTERED SPIDER and FAMOUS CHOLLIMA and discuss the techniques organizations can use to stop them.

Below are more key stats from this year’s report:

• 73% of all interactive intrusions were eCrime
• 81% of interactive intrusions were malware-free
• In the first half of 2025, voice phishing (vishing) attacks surpassed the total number seen in 2024
• FAMOUS CHOLLIMA insiders infiltrated 320+ companies in the last 12 months — a 220% year-over-year increase — by using GenAI throughout hiring and employment

Download the report to learn more.

Links:

📃 Threat Hunting Report: https://www.crowdstrike.com/resources/reports/threat-hunting-report/

🎧 Our site: https://www.crowdstrike.com/en-us/resources/adversary-universe-podcast/