ESET Threat Report H2 2025
welivesecurity.com
The second half of the year underscored just how quickly attackers adapt and innovate, with rapid changes sweeping across the threat landscape.
AI-powered malware moved from theory to reality in H2 2025, as ESET discovered PromptLock, the first known AI-driven ransomware, capable of generating malicious scripts on the fly. While AI is still mainly used for crafting convincing phishing and scam content, PromptLock – and the handful of other AI-driven threats identified to this day – signal a new era of threats.
After its global disruption in May, Lumma Stealer managed to briefly resurface – twice – but its glory days are most likely over. Detections plummeted by 86% in H2 2025 compared to the first half of the year, and a significant distribution vector of Lumma Stealer – HTML/FakeCaptcha trojan, used in ClickFix attacks – nearly vanished from our telemetry.
Meanwhile, CloudEyE, also known as GuLoader, surged into prominence, skyrocketing almost thirtyfold in ESET ...
Copyright of this story solely belongs to welivesecurity.com . To see the full text click HERE