This year, hackers have gone from cracking codes to cashing in on stolen passwords like never before.
-
Credential theft via infostealers jumped 800%, totaling 1.8 billion stolen credentials
-
Ransomware incidents spiked 179%, with manufacturing and legal sectors hit the hardest
-
Publicly disclosed vulnerabilities increased 246%, while exploit availability rose 179%
-
Data breaches surged 235%, with the US taking 66% of the global hit
-
78% of breaches involved unauthorized access
Cyberattacks accelerated at a staggering pace in the first half of 2025, with credential theft, data breaches, and ransomware all climbing to record highs.
According to Flashpoint’s latest Global Threat Report, identity theft driven by inexpensive, widely available information-stealing malware has become the go-to entry point for threat actors worldwide.
The data reveals a troubling trend: credential theft is up 800%, data breaches have increased 235%, and ransomware attacks have surged 179% since the start of the year.
Inforstealers and ransomware are the main threat
Behind many of these incidents is a growing market for “infostealers” – malware designed to snatch browser-stored credentials, cookies, credit cards, crypto wallets, and autofill data.
Flashpoint analysts say that infostealers have exploded in popularity due to their low price and easy deployment. Typically sold on underground forums for $60 to $400, these tools are often used in cybercriminal campaigns.
The report suggests that “identity is a new attack vector,” emphasizing how a single infection can unlock access across entire supply chains.
One compromised device often yields corporate credentials, email accounts, and session tokens, a goldmine for lateral movement and data exfiltration.
Major breaches like those suffered by Orange Spain and United Healthcare have been traced back to infostealer logs circulating on the dark web market.
Flashpoint names Lumma and RedLine as the most active infostealer families, despite repeated takedowns. Reportedly, newcomers like StealC and Acreed are also gaining traction.
Ransomware is not going anywhere
Despite security advances, ransomware remains the main cyber threat. Incidents are up 179%, with ransomware-as-a-service (RaaS) operations like Cl0p setting records in Q1 2025.
The report notes that ransomware campaigns are increasingly connected to infostealers, using stolen credentials as stepping stones into corporate environments.
Data breaches surge, with the US as the main target
Over the past four months, data breaches surged by 235%, with unauthorized access accounting for nearly 78% of all reported incidents.
The US is the ground zero for data breaches, absorbing two-thirds of global incidents. PII leaks remain the most valuable prize, powering everything from identity theft to phishing, account takeover, and beyond.
“In today’s threat environment, where kinetic conflict, digital sabotage, economic warfare, and terrorism can be intertwined, understanding the full spectrum of risk is critical,” said Andrew Borene, Flashpoint Executive Director, International Markets and Global Security.
"2025 has brought an alarming acceleration in cyber threats. We've seen an 800% increase in credential theft via information-stealing malware, making 'identity' a dominant attack vector,” added Ian Gray, Flashpoint VP, Cyber Threat Intelligence Operations.
“Effective defense now demands proactive, comprehensive threat intelligence to protect what matters most."
Your email address will not be published. Required fields are markedmarked