Cognyte 2025 Threat Landscape Report Reveals Global Trends in Cyberattacks, Ransomware and Stolen Credentials

HERZLIYA, Israel–(BUSINESS WIRE) – Cognyte Software Ltd., a global leader in investigative analytics software, today announced the latest findings from Cognyte’s LUMINAR Threat Intelligence Research Group, highlighted in its 2025 Annual Threat Landscape Report. The report provides detailed insights into the global cyber threat landscape and analyzes major trends and threat vectors worldwide, including exploitation of high-profile vulnerabilities, ransomware attacks and stolen access credentials.

The unique expert insights and comprehensive data in the report show that stolen access credentials published on dark web marketplaces increased about 28% from approximately 6 million in 2023 to approximately 7.7 million in 2024.

The report findings demonstrate how the boundaries are increasingly blurring between traditional types of threat actors – nation-state sponsored attackers, cybercriminals and hacktivists. Crime, conflict and terror are evolving, crossing borders, bypassing traditional cyber defenses and operating at scale.

Among the key findings from the 2025 LUMINAR Threat Landscape Report:

• 49% of cyberattacks were attributed to financially motivated cybercriminals, while state-sponsored actors accounted for 36% of attacks and hacktivists accounted for 4% of attacks in 2024.
• Several hacktivist groups ventured into cybercrime in 2024, launching their own ransomware and ransomware-as-a-service (RaaS) operations. Nation-state actors showed increased cooperation with ransomware gangs.
• Stolen access credentials continue to enable widespread cyberattacks, leading to data breaches, financial loss and system compromises. The unique expert insights and comprehensive data in the report show that stolen access credentials published on dark web marketplaces increased about 28% from approximately 6 million in 2023 to approximately 7.7 million in 2024.
• Cyber activities are increasingly used to support physical operations in war. Regional conflicts have escalated cyberattacks globally.
• Vulnerabilities continue to be a key attack vector. 40,704 new vulnerabilities were disclosed in 2024, with an average CVSS (Common Vulnerability Scoring System) score of 5.7.
• Ransomware gangs claimed responsibility for targeting 6,133 victims in 2024, an increase from 5,336 claimed victims in 2023. On the other hand, ransomware payments dropped by 35% worldwide.
• AI continues to revolutionize the cybersecurity landscape, with significant potential for fighting threats, as well as for exploitation in the hands of threat actors.