Ransomware up 179%, credential theft up 800%: 2025’s cyber onslaught intensifies | CSO Online

Flashpoint’s midyear threat intelligence report reveals cybercriminals have intensified attacks in the first half of 2025, with credential theft surging 800% to 1.8 billion stolen credentials from 5.8 million infected hosts, primarily driven by infostealers like Lumma and Redline despite takedowns. Data breaches jumped 235% exposing 9.45 billion records with 78% caused by unauthorized access, while vulnerability disclosures rose 246% with over 20,000 vulnerabilities disclosed and 35% already having exploit code available. Ransomware incidents spiked 179% with the US, India, and Brazil most targeted, as groups like Clop exploited Cleo software flaws and Akira and Qilin filled the void left by LockBit’s decline. The report highlights a 42,000-vulnerability backlog awaiting NVD analysis, leaving organizations blind to critical flaws, with manufacturing, technology, healthcare, and legal sectors bearing the brunt of attacks across credential theft, data breaches, and ransomware campaigns.​​​​​​​​​​​​​​​​