#threats
- News · Jan 20, 2026Microsoft reports identity attacks dominated by password attacks
Microsoft research found the overwhelming majority of identity attacks target passwords, and that phishing-resistant MFA blocks over 99% of them.
- News · Nov 10, 2025IBM reports global average data breach cost eased to $4.44M
IBM Cost of a Data Breach research showed a modest decline in average breach cost, driven by faster identification and containment.
- News · Jul 8, 2025Infostealer-driven session and token theft surges
Threat researchers reported a sharp rise in infostealer malware harvesting credentials and live session cookies, enabling attackers to bypass MFA.
- News · Jun 19, 2025Report describes a 16 billion credential compilation circulating online
Researchers described one of the largest aggregations of stolen credentials to date, largely sourced from infostealer logs and prior breaches.
- News · Apr 23, 2025Verizon DBIR finds credentials and the human element central to breaches
The annual Data Breach Investigations Report again highlighted stolen credentials, phishing, and the human element as dominant breach factors.
- News · Feb 4, 2025Vendors warn of surge in deepfake-driven identity verification fraud
Verification vendors reported rapid growth in deepfake and injection attacks against remote identity proofing, raising the bar for liveness detection.
- News · Nov 12, 2024Scattered Spider help-desk social engineering drives identity attacks
Authorities warned that the Scattered Spider group continued to bypass MFA through help-desk social engineering and SIM swapping, hitting major enterprises.
- News · Jul 4, 2024RockYou2024 compilation exposes billions of leaked passwords
Researchers reported a massive aggregation of previously leaked passwords, a reminder that credential reuse keeps fueling account-takeover attacks.