IBM Security’s 2025 X-Force Threat Intelligence Index discusses emerging and shifting attack trends, revealing that malicious actors are increasingly utilizing stealthier tactics (such as credential theft via infostealers).

According to the report, there was an 84% increase in phishing emails that included infostealers in 2024 compared to the previous year. Furthermore, initial data for 2025 indicates this trend could continue, as early 2025 has shown an increase of 180%. The research also found that more malicious actors stole data (18%) than encrypted (11%). Additionally, 12% extorted target organizations. 

In 2024, there were 8 million advertisements on the dark web for just the the top five infostealers. Each listing had the potential to contain hundreds of credentials, leading to the theft of approximately 1.6 billion stolen credentials. 

Key findings from the report include: 

• Nearly 50% of all cyberattacks led to stolen credentials or data.
• Malicious actors leveraged vulnerabilities in more than 25% of attacks targeting critical infrastructure sectors last year. 
• Four out of 10 of the top mentioned Common Vulnerabilities and Exposures (CVEs) on the dark web were associated with sophisticated threat actor groups, such as nation-state adversaries.