Attackers have collected approximately 75,000 administrator passwords from Fortinet firewalls globally, easily cracked them using outdated hashing methods, and now have persistent access to affected corporate networks.
Ransomware incidents reached a yearly peak in May 2026 with 698 registered cases, as attackers shift from classical attack methods to more profitable extortion campaigns.
Chinese threat actors remained undetected in Microsoft 365 tenants for 18 months, exploiting a Managed Service Provider as a base for supply chain attack scenarios.
JDY is not a classical DDoS botnet, but rather an industrialized reconnaissance infrastructure that abuses edge devices as distributed scanners to identify targets before exploitation.
Cybercriminals increasingly employ professionalized automated standard methods and are becoming faster at exploiting vulnerabilities, while phishing and invisible attacks using legitimate tools are becoming the norm.
Attackers systematically exploit AI branding in social engineering campaigns to manipulate employees — the attack vector is shifting from technical to behavioral vulnerabilities.
TrendAI leverages Anthropic’s Claude model in Project Glasswing to automate source code analysis, enabling faster identification and coordinated disclosure of vulnerabilities in critical software.
Cybercriminals are increasingly attacking AI-based protection mechanisms directly, while AI-powered website builders and OAuth-based consent phishing open new attack surfaces.