INI
Types of Cybersecurity Threats - INI
Types of cybersecurity threats is a classification of digital attacks targeting organizations and individuals. It covers major threat categories including malware (ransomware, spyware, trojans, etc.), phishing (including targeted attack emails), DDoS attacks (Distributed Denial of Service), SQL injection, and Cross-Site Scripting (XSS). These threats compromise the CIA triad of confidentiality, integrity, and availability, causing data breaches, business disruptions, and financial losses. In 2025, new threats such as AI-powered attacks and supply chain attacks are also on the rise.
cybersecurity
information security
malware
phishing
DDoS
SQL injection
XSS
OWASP
ransomware
[item.malware]
code=01
slug=malware
name=Malware
description=A general term for malicious software, including viruses, worms, trojans, ransomware, and spyware.
category=Malware Attack
[item.phishing]
code=02
slug=phishing
name=Phishing
description=A fraudulent attack method that impersonates legitimate organizations to steal personal information and credentials.
category=Social Engineering
[item.ddos-attack]
code=03
slug=ddos-attack
name=DDoS Attack
description=Distributed Denial of Service attack. Simultaneously accesses from multiple computers to stop services.
category=Availability Attack
[item.sql-injection]
code=04
slug=sql-injection
name=SQL Injection
description=An attack that exploits web application vulnerabilities to inject malicious SQL statements into databases.
category=Injection Attack
[item.xss]
code=05
slug=xss
name=Cross-Site Scripting (XSS)
description=An attack that embeds malicious scripts into websites to execute in visitors' browsers.
category=Injection Attack
[item.ransomware]
code=06
slug=ransomware
name=Ransomware
description=Malware that encrypts files and demands ransom. Remains a top threat in 2025.
category=Malware Attack
[item.zero-day-attack]
code=07
slug=zero-day-attack
name=Zero-Day Attack
description=An attack that exploits vulnerabilities for which no patch has been released (0-day).
category=Advanced Attack
[item.supply-chain-attack]
code=08
slug=supply-chain-attack
name=Supply Chain Attack
description=Indirect attacks that exploit the software supply chain (third-party products or services).
category=Advanced Attack
[item.apt-attack]
code=09
slug=apt-attack
name=APT Attack
description=Advanced Persistent Threat that lurks in organizations for extended periods to steal confidential information.
category=Advanced Attack
[item.mitm-attack]
code=10
slug=mitm-attack
name=Man-in-the-Middle Attack (MitM)
description=An attack that intercepts between communication parties to eavesdrop on or tamper with content.
category=Communication Attack