Valid account credentials without multi-factor authentication continued to be the dominant initial access vector in cyberattacks last quarter, accounting for 56% of all cybersecurity incidents during the first three months of 2025, Infosecurity Magazine reports.Vulnerability exploitation and brute force attacks were the next most common initial access techniques harnessed in attacks over the same period, with the FortiOS and FortiProxy race condition authentication bypass flaw, tracked as CVE-2024-55591, leveraged to compromise firewalls, according to Rapid7 research presented at Infosecurity Europe 2025. Threat actors were also found to have exploited exposed remote desktop protocol services, SEO poisoning, and exposed remote monitoring and management tools to infiltrate targeted systems. Additional findings showed that 40% of all attacks during the first quarter involved the BunnyLoader malware-as-a-service loader, which features credential theft and additional malware delivery capabilities. Manufacturing was most targeted by cyber incidents, followed by business services, communications, healthcare, retail, and finance.
As outlined in CyberScoop, the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) has canceled a contract with Penlink that utilized ad-surveillance technologies to track Americans' locations.
