2025 State of the Internet: Notable Incidents

This Censys Rapid Response review analyzes major 2024–2025 incidents: widespread exploitation of critical Cleo file-transfer flaws by CL0P/Termite leading to numerous ransomware breaches and data leak site postings, a FortiOS/FortiProxy auth-bypass (CVE-2024-55591) tied to DragonForce activity evidenced by exposed PoCs and credential lists, and law-enforcement disruption of cracked Cobalt Strike (Operation Morpheus); the report highlights exposed hosts, timelines of exploitation and disclosure, and forensic indicators for defenders.