ENISA’s 2025 Threat Landscape: AI Reshapes Cyber Attacks, from Phishing to Supply Chain Abuse

Artificial intelligence (AI) has emerged as a central theme in the ENISA Threat Landscape 2025 report, highlighting its dual role as both a tool and a target in cyber threats. The report, based on incidents from July 2024 to June 2025, reveals the extensive use of AI in phishing, malware development, and influence operations, with AI-assisted phishing accounting for a significant portion of social engineering attacks. It also addresses the rise of deepfakes, AI-driven reconnaissance by state actors, and the emergence of standalone malicious AI systems like Xanthorox AI. The report underscores a growing concern over the AI software supply chain, noting the manipulation of machine learning models and coding assistant configurations. Traditional supply chain attacks remain prevalent, with notable incidents involving state-backed exploitation and malicious npm packages. Additionally, persistent threats such as ransomware and mobile malware continue to pose risks, while the blending of AI-generated content with conventional tactics introduces "faketivism." The report marks a pivotal moment in cybersecurity, emphasizing the integration of AI into all stages of the attack lifecycle and the critical importance of safeguarding supply chain integrity.