What cybersecurity experts are talking about in 2025
ID: 4535e203-1b2d-5331-a112-275bd16827c5
STIX ID: report--4535e203-1b2d-5331-a112-275bd16827c5
Feed Name: Virus Bulletin's blog
This article summarizes five high-impact 2024–2025 threat research reports: Sandworm (GRU) trojanizing pirated software to deliver loaders and RATs against Ukrainian victims; a stealthy legacy-driver exploitation campaign that produced thousands of signed variants to disable EDR/AV; Calendarwalk, a China-linked malware using Google Calendar for C2 with links to APT41; Lazarus Group's Phantom Circuit supply-chain compromise that infected development tools and thousands of developers; and forensic analysis of the Playboy ransomware-as-a-service toolchain—together highlighting nation-state actors, supply-chain risk, novel C2 techniques, and large-scale operational impact.
