Cybercriminals are increasingly using legitimate HTTP client tools, such as Axios and Node-fetch, to execute account takeover attacks on Microsoft 365 environments, achieving notable success rates and leveraging sophisticated techniques to bypass security measures.
The 2025 API ThreatStats Report by Wallarm reveals a staggering 1,205% increase in AI-driven API vulnerabilities, with nearly all AI-related flaws linked to insecure APIs, emphasizing the urgent need for enhanced security measures.
In 2024, threat actors reduced the average breakout time to 48 minutes, with a notable 142% increase in initial access broker listings and a concerning reliance on valid credentials for network infiltration.
Ransomware attacks in 2023 have increasingly focused on backup systems, resulting in over $1 billion in cryptocurrency extorted from victims, highlighting the urgent need for advanced data protection strategies.
Cybercriminals are increasingly targeting government websites, particularly those with .gov domains, using tactics such as open redirects to conduct phishing campaigns and distribute malware globally.
A recent report reveals that ransomware attacks have led to significant operational disruptions, with 58% of affected organizations shutting down operations for recovery, alongside notable increases in financial losses and brand damage.
