A new report out today from business risk intelligence startup Flashpoint has highlighted major cyberthreats shaping 2025, with infostealers, ransomware and vulnerabilities fueling an evolving, high-risk landscape.

The findings come from the Flashpoint 2025 Global Threat Intelligence Report, based on 3.6 petabytes of data from open and dark web sources. The report reveals a surge in credential theft, data breaches and exploit-based cyberattacks, underscoring a growing need for improved cybersecurity strategies to combat them.

Key findings from the report include a 33% year-over-year increase in credential theft, with more than 3.2 billion credentials stolen through 2024. More than 75% of stolen credentials were linked to information-stealing malware, which infected 23 million devices globally. The most prolific infostealer strains included Redline, RisePro and Lumma, with some offering credentials for rent for as little as $200 per month on dark web markets.

The report details that ransomware attacks increased 10% in 2024, following an 84% increase in 2023. Five major ransomware groups — Lockbit, Ransomhub, Akira, Play and Qilin — were found to have accounted for nearly half of all ransomware incidents.

The ransomware-as-a-service model — the cybercrime business model where ransomware developers provide their malware and infrastructure to affiliates, who then undertake attacks in exchange for a share of the ransom payments — was found to be continuing to lower the barrier for attackers, making sophisticated ransomware accessible to less-experienced cybercriminals.

Vulnerabilities were up 12% year-over-year last year, with Flashpoint aggregating 37,302 vulnerabilities and finding that more than 39% were publicly available exploits. The report notes that the increasing volume and exploitability of vulnerabilities make patch prioritization a critical challenge for security teams.

On the data breach front, data breaches came in at 16.8 billion records through 2024 — up 6% year-over-year — with unauthorized access responsible for 73% of incidents. The U.S. accounted for 63% of all reported breaches, with popularly targeted sectors being healthcare, finance and government.

“The data and analysis in the Flashpoint 2025 Global Threat Intelligence Report expose a hybrid, interconnected cyberthreat landscape that demands a proactive and holistic security approach,” the report authors wrote.

The report emphasizes that cyberthreats are increasingly converging, with ransomware, infostealers and data breaches intertwining in more sophisticated attack chains. To counter this, organizations are advised to break away from siloed security approaches and integrate intelligence across digital, physical and geopolitical domains to build a more resilient defense.

Preparedness is also emphasized with Flashpoint recommending that security teams must proactively monitor threat actor communities, track the evolution of malware and prioritize risk-based vulnerability management. “Prioritizing risk-based vulnerability management will be critical in 2025 and beyond,” write the report authors.

Image: SiliconANGLE/Ideogram