Infostealer Attacks Surge 800% – Protect Your Credentials Now
▼ Summary
– Identity-based attacks surged with 1.8 billion credentials stolen in H1 2025, an 800% increase from the previous six months.
– Over 20,000 disclosed vulnerabilities were found in H1 2025, with 12,200 not yet listed in the NVD, leaving many organizations unaware.
– Ransomware breaches rose 179% in 2025, primarily targeting manufacturing (22%), technology (18%), and retail (13%) sectors.
– Data breaches spiked by 235% in four months, compromising 9.5 billion records, with unauthorized access accounting for 78% of incidents.
– The rapid growth of vulnerabilities (246%) and exploit code (179%) makes it impossible for security teams to address every threat.
The cybersecurity landscape is facing an unprecedented crisis as identity-based attacks skyrocket, with stolen credentials reaching alarming new heights. Recent findings reveal that 1.8 billion login details were compromised in just the first half of 2025, marking an 800% surge compared to the previous six months. This staggering figure underscores the growing sophistication of cybercriminals and the urgent need for stronger defenses.
The data comes from a comprehensive analysis of 3.6 petabytes of threat intelligence, uncovering breaches across 5.8 million infected devices and systems. What makes these attacks particularly dangerous is their stealth, once credentials are stolen, hackers can silently infiltrate corporate networks unless multi-factor authentication (MFA) is in place. Without it, businesses remain vulnerable to covert intrusions.
But the threats don’t stop there. Security teams are grappling with another critical issue: over 20,000 newly disclosed vulnerabilities in the same period, with 12,200 yet to appear in the National Vulnerability Database (NVD). This gap leaves many organizations unaware of potential risks. Even more concerning, nearly 7,000 of these vulnerabilities already have public exploits, making them prime targets for attackers.
The report highlights a 246% spike in disclosed vulnerabilities since February 2025, alongside a 179% increase in publicly available exploit code. These numbers paint a grim picture for cybersecurity professionals, who are struggling to keep up with the sheer volume of threats. Prioritizing patches has become nearly impossible, leaving networks exposed to exploitation.
Ransomware attacks are also surging, fueled by stolen credentials and unpatched vulnerabilities. Confirmed breaches have risen by 179% this year, with manufacturing, technology, and retail sectors bearing the brunt. Meanwhile, 3,104 data breaches were reported in the first half of 2025, exposing 9.5 billion records. Unauthorized access accounted for 78% of these incidents, illustrating how breaches serve as both the starting point and endgame for cybercriminal operations.
Stolen data doesn’t just disappear, it fuels further attacks. Personal information harvested from breaches is often sold on dark web markets or used in extortion schemes, perpetuating a vicious cycle of cybercrime. With experts predicting 2025 could set a new record for data breaches, organizations must act swiftly to secure their systems, enforce MFA, and stay ahead of evolving threats. The time to strengthen defenses is now.
(Source: InfoSecurity Magazine)
