Happy New Year! 2025 was a busy year for the Insider authors—we published 271 posts throughout 2025. To kick-off 2026, in case you missed them last year, we are providing the articles from 2025 that were the most interesting to our readers across various categories.
We hope you enjoy them and look forward to another
Threat actors had another banner year in 2025. As we head into 2026, looking back on the five top security threats of 2025 may inform our strategy and budgeting for 2026 to prepare for the continued onslaught of attacks.
According to Dark Reading, the top five security threats from 2025 include:
Salt
TransUnion has announced that attackers gained unauthorized access to a third‑party application used in its U.S. consumer support operation that is reported to be linked to a broader wave of attacks targeting Salesforce‑connected applications across major industries.
The breach affected more than 4.4 million individuals, but TransUnion emphasized that its core credit reporting systems were
On December 19, 2025, the Federal Bureau of Investigation (FBI) published an Alert warning the public that it has data from as far back as 2023 that “malicious actors have impersonated senior U.S. state government, White House, and Cabinet level officials, as well as members of Congress to target individuals, including officials’ family members and
On December 17, 2025, a bipartisan group of 23 Attorneys General from the states of Arizona, California, Colorado, Connecticut, Delaware, Hawai’i, Illinois, Maine, Maryland, Massachusetts, Minnesota, Nevada, New Jersey, New Mexico, North Carolina, Oregon, Rhode Island, Tennessee, Utah, Vermont, Washington, Wisconsin, and the District of Columbia, sent a comment letter to the Federal Communications Commission
An analysis by the Federal Trade Commission (FTC) shows that, since 2020, consumers have been swindled out of $65 million by rental scams. This statistic is particularly relevant during the holiday season when many people are traveling and renting places to stay.
According to the FTC, most of the scams involve fake rental listings
700Credit, a Michigan-based company that runs credit checks and identification verification services for automobile dealerships nationwide, has announced that an “integrated partner” was compromised, allowing a bad actor to obtain unauthorized access to its network of information about individuals whose credit the company checked. The incident was discovered on October 25, 2025.
Michigan officials confirmed
In an excellent blog post, “Avoiding AI Pitfalls in 2026: Lessons Learned from Top 2025 Incidents,” ISACA’s Mary Carmichael summarizes lessons learned from top incidents in 2025 using MIT’s AI Incident Database and risk domains. According to Carmichael, an analysis of the incidents showed recurring patterns across different risk domains, including privacy, security
On December 17, 2025, the Federal Trade Commission (FTC) issued a press release announcing that it is taking action against Illusory Systems, Inc. “for failing to implement adequate data security measures, leading to a major security breach in which hackers stole $186 million from consumers.”
In its complaint, the FTC alleged that Illusory, doing business
On November 25, 2025, the Federal Bureau of Investigation (FBI) published a Public Service Announcement warning that cyber criminals are “impersonating financial institutions to steal money or information in Account Takeover (ATO) fraud schemes.” These schemes target individuals and businesses of all sizes across all sectors. According to the announcement, “Since January 2025, the FBI