Report Identifies Surge in Credential͏͏ Theft͏͏ and͏͏ Breaches͏͏

A recent report from cybersecurity firm Flashpoint detected an escalation of threat activity across͏͏ multiple͏͏ fronts͏͏ during͏͏ the͏͏ first͏͏ half͏͏ of͏͏ 2025. Based͏͏ on͏͏ monitoring͏͏ of͏͏ more͏͏ than͏͏ 3.6͏͏ petabytes͏͏ of͏͏ original-source͏͏ data,͏͏ "Flashpoint͏͏ Global͏͏ Threat͏͏ Intelligence͏͏ Index:͏͏ Midyear͏͏ Edition" documents growth͏͏ in͏͏ credential͏͏ theft,͏͏ vulnerability͏͏ disclosures͏͏ and͏͏ exploit͏͏ availability,͏͏ as͏͏ well͏͏ as͏͏ a͏͏ rise͏͏ in͏͏ ransomware͏͏ attacks͏͏ and͏͏ large-scale͏͏ data͏͏ breaches.

The͏͏ report,͏͏ which͏͏ covers͏͏ activity͏͏ from͏͏ Jan.͏͏ 1͏͏ to͏͏ June͏͏ 30,͏͏ found͏͏ that͏͏ infostealer͏͏ malware͏͏ was͏͏ the͏͏ leading͏͏ cause͏͏ of͏͏ stolen͏͏ credentials͏͏ for͏͏ the͏͏ first͏͏ half͏͏ of͏͏ 2025.͏͏ Flashpoint͏͏ reported͏͏ an͏͏ 800͏͏% increase͏͏ in͏͏ stolen͏͏ credentials͏͏ linked͏͏ to͏͏ infostealer͏͏ infections͏͏ compared͏͏ to͏͏ the͏͏ same͏͏ period͏͏ last͏͏ year,͏͏ with͏͏ a͏͏ total͏͏ of͏͏ 1.8͏͏ billion͏͏ compromised͏͏ records.͏͏ These͏͏ records͏͏ included͏͏ usernames,͏͏ passwords,͏͏ session͏͏ cookies,͏͏ and͏͏ autofill͏͏ data͏͏ collected͏͏ by͏͏ popular͏͏ malware.͏͏ According͏͏ to͏͏ the͏͏ report,͏͏ "these͏͏ pieces͏͏ of͏͏ digital͏͏ identity͏͏ are͏͏ often͏͏ the͏͏ starting͏͏ point͏͏ for͏͏ larger͏͏ malicious͏͏ campaigns,͏͏ allowing͏͏ threat͏͏ actors͏͏ to͏͏ gain͏͏ initial͏͏ access͏͏ — often͏͏ through͏͏ a͏͏ single͏͏ infostealer͏͏ infection."

"The͏͏ theft …͏͏ underscores͏͏ how͏͏ these͏͏ stolen͏͏ digital͏͏ identities͏͏ underpin͏͏ major͏͏ malicious͏͏ campaigns,"͏͏ said͏͏ Flashpoint.͏͏ "They͏͏ enable͏͏ initial͏͏ access͏͏ that͏͏ can͏͏ cascade͏͏ into͏͏ significant͏͏ data͏͏ breaches͏͏ across͏͏ organizations͏͏ and͏͏ their͏͏ supply͏͏ chains."

Flashpoint͏͏ also͏͏ reported͏͏ a͏͏ 246͏͏% increase͏͏ of͏͏ newly͏͏ disclosed͏͏ vulnerabilities͏͏ over͏͏ the͏͏ same͏͏ time͏͏ period͏͏ last͏͏ year,͏͏ while͏͏ the͏͏ volume͏͏ of͏͏ publicly͏͏ available͏͏ exploits͏͏ increased͏͏ by͏͏ 179͏͏%.͏͏ Flashpoint͏͏ analysts͏͏ said͏͏ that͏͏ attackers͏͏ are͏͏ "exploiting͏͏ gaps͏͏ in͏͏ the͏͏ vulnerability͏͏ intelligence͏͏ landscape,"͏͏ particularly͏͏ where͏͏ security͏͏ teams͏͏ rely͏͏ exclusively͏͏ on͏͏ official͏͏ feeds͏͏ such͏͏ as͏͏ the͏͏ U.S.͏͏ National͏͏ Vulnerability͏͏ Database,͏͏ which͏͏ may͏͏ delay͏͏ or͏͏ omit͏͏ emerging͏͏ exploit͏͏ intelligence.

Ransomware͏͏ gangs͏͏ ramped͏͏ up͏͏ their͏͏ activity͏͏ in͏͏ early͏͏ 2025,͏͏ Flashpoint͏͏ found,͏͏ with͏͏ attacks͏͏ up͏͏ 179͏͏% over͏͏ the͏͏ previous͏͏ year.͏͏ The͏͏ firm͏͏ blamed͏͏ the͏͏ surge͏͏ on͏͏ a͏͏ familiar͏͏ set͏͏ of͏͏ issues:͏͏ stolen͏͏ login͏͏ credentials,͏͏ outdated͏͏ software,͏͏ and͏͏ a͏͏ growing͏͏ market͏͏ of͏͏ ready-made͏͏ ransomware͏͏ kits.

At͏͏ the͏͏ same͏͏ time,͏͏ global͏͏ data͏͏ breaches͏͏ climbed͏͏ 235͏͏%,͏͏ with͏͏ over͏͏ 9.45͏͏ billion͏͏ records͏͏ exposed.͏͏ About͏͏ two-thirds͏͏ of͏͏ that͏͏ data͏͏ came͏͏ from͏͏ U.S.-based͏͏ organizations,͏͏ which͏͏ Flashpoint͏͏ identified͏͏ as͏͏ the͏͏ most͏͏ frequently͏͏ targeted͏͏ region͏͏ so͏͏ far͏͏ this͏͏ year.

IT͏͏ Response

The͏͏ report͏͏ calls͏͏ attention͏͏ to͏͏ the͏͏ limitations͏͏ of͏͏ reactive͏͏ security͏͏ strategies͏͏ and͏͏ recommends͏͏ organizations͏͏ adopt͏͏ intelligence-driven͏͏ approaches͏͏ that͏͏ prioritize͏͏ threats͏͏ based͏͏ on͏͏ active͏͏ adversary͏͏ behavior,͏͏ rather͏͏ than͏͏ treating͏͏ all͏͏ vulnerabilities͏͏ equally.͏͏ Flashpoint͏͏ also͏͏ advises͏͏ that͏͏ organizations͏͏ monitor͏͏ for͏͏ compromised͏͏ credentials͏͏ on͏͏ underground͏͏ marketplaces,͏͏ track͏͏ exploit͏͏ availability͏͏ from͏͏ unofficial͏͏ sources,͏͏ and͏͏ implement͏͏ multi-factor͏͏ authentication͏͏ and͏͏ privileged͏͏ access͏͏ monitoring͏͏ across͏͏ environments.

The͏͏ findings͏͏ reflect͏͏ broader͏͏ patterns͏͏ noted͏͏ in͏͏ other͏͏ industry͏͏ research.͏͏ IBM's͏͏ X-Force͏͏ Threat͏͏ Intelligence͏͏ Index͏͏ earlier͏͏ this͏͏ year͏͏ highlighted͏͏ a͏͏ substantial͏͏ increase͏͏ in͏͏ phishing͏͏ campaigns͏͏ delivering͏͏ infostealers,͏͏ along͏͏ with͏͏ a͏͏ shift͏͏ in͏͏ attacker͏͏ focus͏͏ toward͏͏ identity-based͏͏ access͏͏ vectors.͏͏ These͏͏ developments͏͏ have͏͏ contributed͏͏ to͏͏ the͏͏ growing͏͏ adoption͏͏ of͏͏ zero-trust͏͏ frameworks͏͏ across͏͏ enterprise͏͏ IT.

Flashpoint͏͏ positions͏͏ its͏͏ midyear͏͏ index͏͏ as͏͏ a͏͏ complement͏͏ to͏͏ its͏͏ annual͏͏ Global͏͏ Threat͏͏ Intelligence͏͏ Report,͏͏ providing͏͏ defenders͏͏ with͏͏ a͏͏ near͏͏ real-time͏͏ view͏͏ into͏͏ adversary͏͏ behavior.͏͏ "Our͏͏ goal͏͏ with͏͏ this͏͏ midyear͏͏ update͏͏ is͏͏ to͏͏ provide͏͏ security͏͏ teams͏͏ with͏͏ timely͏͏ insight͏͏ to͏͏ help͏͏ inform͏͏ decisions͏͏ during͏͏ the͏͏ second͏͏ half͏͏ of͏͏ the͏͏ year," according to the report.͏͏ "Understanding͏͏ how͏͏ threats͏͏ are͏͏ evolving͏͏ midstream͏͏ allows͏͏ defenders͏͏ to͏͏ make͏͏ better͏͏ use͏͏ of͏͏ their͏͏ existing͏͏ intelligence,͏͏ technology͏͏ and͏͏ staff."

With͏͏ the͏͏ second͏͏ half͏͏ of͏͏ 2025͏͏ underway,͏͏ the͏͏ report͏͏ indicates͏͏ that͏͏ credential-based͏͏ attacks,͏͏ exploit͏͏ weaponization,͏͏ and͏͏ data͏͏ leaks͏͏ will͏͏ remain͏͏ critical͏͏ areas͏͏ of͏͏ concern.͏͏ The͏͏ report͏͏ suggests͏͏ that͏͏ while͏͏ new͏͏ technologies͏͏ and͏͏ frameworks͏͏ offer͏͏ some͏͏ mitigation,͏͏ threat͏͏ actors͏͏ continue͏͏ to͏͏ adapt͏͏ rapidly͏͏ —͏͏ often͏͏ faster͏͏ than͏͏ enterprise͏͏ defenses͏͏ can͏͏ keep͏͏ pace.͏͏ Security͏͏ teams,͏͏ the͏͏ report͏͏ concludes,͏͏ will͏͏ need͏͏ to͏͏ be͏͏ equally͏͏ agile͏͏ in͏͏ order͏͏ to͏͏ respond͏͏ to͏͏ the͏͏ expanding͏͏ threat͏͏ landscape.

The full report is available here on the Flashpoint site (registration required).

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

  • student reading a book with a brain, a protective hand, a computer monitor showing education icons, gears, and leaves

    4 Steps to Responsible AI Implementation

    Researchers at the University of Kansas Center for Innovation, Design & Digital Learning (CIDDL) have published a new framework for the responsible implementation of artificial intelligence at all levels of education.

  • cybersecurity book with a shield and padlock

    NIST Proposes New Cybersecurity Guidelines for AI Systems

    The National Institute of Standards and Technology has unveiled plans to issue a new set of cybersecurity guidelines aimed at safeguarding artificial intelligence systems, citing rising concerns over risks tied to generative models, predictive analytics, and autonomous agents.

  • laptop displaying a glowing digital brain and data charts sits on a metal shelf in a well-lit server room with organized network cables and active servers

    Cisco Introduces AI-First Approach to IT Operations

    At its recent Cisco Live 2025 event, Cisco announced AgenticOps, a transformative approach to IT operations that integrates advanced AI capabilities to enhance efficiency and collaboration across network, security, and application domains.

  • two large brackets facing each other with various arrows, circles, and rectangles flowing between them

    1EdTech Partners with DXtera to Support Ed Tech Interoperability

    1EdTech Consortium and DXtera Institute have announced a partnership aimed at improving access to learning data in postsecondary and higher education.