The year began with a massive exploitation of zero-day vulnerabilities in Ivanti and SonicWall VPN products. One of the most high-profile victims was Nominet, the UK’s domain registry. Attackers linked to nation-state groups bypassed authentication to gain a foothold in internal networks. Simultaneously, UK telecom giant TalkTalk investigated claims of an 18.8 million customer record leak. These incidents underscored a critical theme for 2025: the vulnerability of the “secure” perimeter and the continued targeting of national infrastructure.