Since late 2022, threat researchers from Unit 42 have tracked at least seven distinct strike teams associated with Muddled Libra. These teams are not static; personas frequently move between them, and their objectives and methods evolve over time.

Between late 2024 and early 2025, the percentage of customers affected by security incidents nearly tripled, rising from 6% to 17%. Over half of these incidents began at the initial access stage.

A recent assessment of 21 major U.S. energy companies has revealed a significant cybersecurity gap, with nearly 59,000 services exposed to the internet—many of which are vulnerable and potentially invisible to traditional security tools.

Flashpoint’s Global Threat Intelligence Index: 2025 Midyear Edition, analyzing over 3.6 petabytes of data, reports an 800% surge in credential theft, with 1.8 billion credentials stolen from 5.8 million infected devices.

Ransomware groups are increasingly weaponizing Remote Monitoring and Management (RMM) tools—originally intended for legitimate IT operations—to conduct sophisticated cyber intrusions.

ESET identified several prominent AsyncRAT forks actively used in cyberattacks, including DcRat, VenomRAT, and SilverRAT. DcRat offers an expanded feature set, while VenomRAT includes even more advanced capabilities.

Cybersecurity experts at Cofense reported a 19x increase in malicious campaigns being launched from .es domains, making it the third most common, behind only .com and .ru.

The first half of 2025 has seen a dramatic surge in cryptocurrency-related cybercrime, with total losses from scams, hacks, and exploits reaching approximately $2.47 billion. This figure already surpasses the total losses recorded in all of 2024.

More than a third (36%) of people have had at least one online account compromised due to weak or stolen passwords in the past year, according to new research by the FIDO Alliance.

Cloudflare has reported a record-breaking surge in DDoS attacks, mitigating 21.3 million attacks in 2024—a 358% year-over-year (YoY) increase—and already handling 20.5 million attacks in Q1 2025 alone.