HPE launches threat labs, reports enterprise-scale attacks

HPE has launched HPE Threat Labs, a new research unit combining security resources from HPE and Juniper Networks, and released its inaugural "In the Wild" report analyzing 1,186 active cyber campaigns from 2025, according to Security Brief Australia. The report reveals adversaries now operate with "the structure and repeatability of large businesses," employing assembly-line workflows, specialized roles, and rapid coordination across platforms like Telegram to exfiltrate data in real time. Government organizations were the most targeted sector with 274 campaigns, followed by finance (211) and technology (179). Attackers exploited 549 vulnerabilities, used over 147,000 malicious domains, and deployed nearly 58,000 malware files. Generative AI is increasingly weaponized for social engineering, with synthetic voices, images, and videos enabling targeted impersonation fraud, video phishing, and executive deepfakes. HPE's Mounir Hahad emphasized the research captures "how attackers behave in active campaigns, how they adapt, and where they are finding success." The report highlights persistent gaps in patch management, with VPNs, SharePoint, and edge devices as common entry points. Defensive recommendations include zero trust principles, SASE architecture, deception technologies, and AI-native detection.