More than half of all web content requests now come from bots, with AI-driven automation fueling a surge in traffic, according to a report by SiliconAngle.
The F5 2025 Advanced Persistent Bots Report, based on an analysis of 207 billion web transactions, attributes much of this growth to large language model (LLM) scrapers from companies such as OpenAI, Anthropic, and Perplexity AI. While some automated activity is harmless, 4.8% of total transactions were classified as malicious bot traffic, targeting industries like hospitality (44.6%), healthcare (32.6%), and e-commerce (22.7%). F5 Labs Director David Warburton noted that bots have evolved beyond simple search queries, now engaging in persistent data scraping and login abuse. Credential stuffing remains a major threat, especially in the tech sector, where 33.5% of logins were flagged as account takeovers. Despite these risks, the report found an overall decline in bot activity across most industries, suggesting that enhanced security measures are effectively mitigating automated threats.
An In-Depth Guide to AI
Get essential knowledge and practical strategies to use AI to better your security program.
Threat actors have exploited 159 CVEs during the first three months of 2025, compared with 151 during the last quarter of 2024, with almost a third of vulnerabilities leveraged in attacks within a day of their disclosure, according to The Hacker News.
Attacks involving ransomware were discovered by NCC Group to have totaled 600 in March which is 32% lower than in February but 46% higher than the same month last year with the month-to-month decline believed by NCC Head of Threat Intelligence Matt Hull to be a "red herring" after the recent surge in intrusions, Infosecurity Magazine reports.
Cybernews reports that BreachForums had its supposed Thursday comeback fall through, with its latest owner "Anastasia" selling the notorious cybercrime marketplace's backup database and source code for only $2,000 as they claimed yet another crackdown by the FBI after the website was disrupted by the pro-Palestinian hacktivist operation Dark Storm Team twice within a week.
