Identity, Ransomware

Cyberattacks powered by stolen credentials on the rise

Cybersecurity incidents are increasingly centered on identity abuse, where stolen login credentials serve as the primary entry point for attackers, and the growing number of ransomware incidents highlights how effective credential theft has become, reports SecurityWeek.

Credential theft has grown into an organized marketplace where stolen access data is packaged and sold, supplying cybercriminals with ready-made entry points into networks, with AI also reshaping threats. Threat actors are using large language models to develop malware and improve phishing campaigns. Stolen credentials further enable supply chain and software-as-a-service attacks that exploit trusted systems. Ontinue researchers reported that "the first meaningful signs of LLM-assisted malware development in 2H 2025."

Ransomware activity remains widespread, with thousands of incidents tracked through 2025. Although overall ransom payments declined slightly, cybercriminals adapted by targeting smaller organizations and demanding lower payments while increasing attack frequency. Ontinue concluded that shifting cybersecurity strategies toward monitoring identity use, detecting abnormal behavior, and treating identity protection as the core defense against evolving threats.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds