As reported by The Hacker News, a new report indicates a significant shift in cyberattack strategies, moving away from disruptive ransomware and encryption towards prolonged, undetected access. The Picus Labs Red Report 2026 analyzed over 1.1 million malicious files and 15.5 million adversarial actions from 2025, revealing that attackers are prioritizing stealth and persistence over immediate disruption.The report highlights a 38% year-over-year decrease in "Data Encrypted for Impact" techniques, signaling a strategic pivot. Instead of locking systems, attackers are focusing on data extortion, quietly exfiltrating sensitive information and harvesting credentials. Credential theft, particularly from password stores, now appears in nearly one out of every four attacks, serving as the primary control plane. Furthermore, eight of the top ten MITRE ATT&CK techniques observed are now dedicated to evasion, persistence, or stealthy command-and-control, indicating a move towards maximizing dwell time. Malware is increasingly exhibiting self-aware behavior, evading analysis by detecting sandbox environments and withholding execution until it reaches a production system.The focus is shifting from detecting loud, disruptive attacks to identifying subtle, persistent compromises. Organizations must prioritize behavior-based detection, robust credential hygiene, and continuous adversarial exposure validation to defend against these "digital parasites," according to Picus Labs.Source: The Hacker News
Threat Intelligence, Ransomware
Cyberattacks shift to stealthy, long-term access over ransomware

(Adobe Stock)
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



