🎄 Christmas Special: 2025 — the year tech broke, AI grew up, regulators came knocking

A year-end look back at the stories that defined technology, AI, and cybersecurity in 2025 — and what it means for 2026.

Pour your glühwein. This is going to take a while.

July–August: regulators and models

EU dropped two AI bombs: GPAI guidelines and mandatory training data templates. GPT-5 launched — then "totally screwed up" (Altman's words). Claude hit 200K context. Salesforce raised prices 6% — the "AI tax" was born.

September–October: everything broke

First week of September: Google Workspace, WhatsApp zero-click, Azure AD, JLR, Salesforce — all breached. Kering: 7.4M customers. Agentic AI entered enterprise. DDoS hit 22.2 Tbps. AWS down 15 hours. Azure down 9 days later. Ransomware: 86 incidents in October.

November–December: insiders and AI milestones

CMMC mandatory — same day CBO hacked. CrowdStrike employee sold access for $25K. Claude Opus 4.5 beat every human engineer. Forbes declared 2025 "the year systems broke."

2026 predictions

1. CMMC Phase 2 — third-party assessments
2. CRA reporting goes live (September)
3. AI agents go mainstream in production
4. Ransomware gets worse
5. Multi-cloud becomes mandatory