Navigating 2025’s Midyear Threats: Insights from Flashpoint’s Global Intelligence Index

The first half of 2025 witnessed extreme volatility and escalating risk across the threat landscape. Organizations are navigating a complex environment that is marked by the rapid expansion of information-stealing malware and the relentless pervasiveness of ransomware, vulnerabilities, and data breaches. To effectively defend against them, security teams need timely and actionable threat intelligence.

Flashpoint’s Global Threat Intelligence Index: 2025 Midyear Edition

Flashpoint’s Global Threat Intelligence Index: 2025 Midyear Edition provides threat intelligence, vulnerability management, and executive teams with proprietary data and critical insights to navigate this year’s most dangerous threats. Serving as a companion to the Flashpoint 2025 Global Threat Intelligence Report (GTIR), this midyear update reveals significant escalations in threat activity since the beginning of the year:

• The theft of credentials via information-stealing malware has skyrocketed by 800%.
• Vulnerability disclosures increased by 246%, with publicly-available exploits rising by 179%.
• Ransomware incidents rose by 179%.
• Data breaches have surged by 235%.

These figures expose a dynamic, hybrid, and increasingly volatile threat landscape that demands a proactive, holistic security approach. Powered by Flashpoint’s best-in-class primary source collection of over 3.6 petabytes of data, the Global Threat Intelligence Index provides readers with:

1. A clear understanding of 2025’s top cyber and hybrid threats: See the sharp rise in malicious activity that the threat landscape is experiencing, largely driven by information-stealing malware, exploited vulnerabilities, ransomware campaigns, and high-impact data breaches.
2. Actionable intelligence and insights: Learn the trends surrounding today’s threats, supplemented with Flashpoint’s data-driven insights that bring much-needed context to evolving attack vectors.
3. Strategies for proactive defense: Move your organization beyond reactive incident response by leveraging Flashpoint’s comprehensive threat intelligence. Gain the foresight needed to strengthen defenses and optimize your security posture.

Deeper visibility into these escalating threats is not just advantageous, it’s mission-critical. Our midyear analysis clearly demonstrates how these distinct threats are converging to form more complex, multi-stage attack chains.

2025 Threat Landscape: Information-Stealing Malware

Since 2024, Flashpoint has observed a significant rise in the use and popularity of information-stealing malware (also known as infostealers and stealers). These tools have gained traction due to their low cost, accessibility, and ability to provide threat actors with deeper access than many other initial access vectors.

The most concerning trend is the rise of “identity” as a primary attack vector, fueled directly by infostealers. The theft of over 1.8 billion credentials in the first half of 2025 alone—an 800% increase—underscores how these stolen digital identities underpin major malicious campaigns. They enable initial access that can cascade into significant data breaches across organizations and their supply chains.

2025 Threat Landscape: Vulnerabilities

The digital attack surface continues to expand, and the volume of disclosed vulnerabilities is growing at a record pace—up by a staggering 246% since February 2025. This explosion, coupled with a 179% increase in publicly-available exploit code, intensifies the pressure on security teams. It’s no longer feasible to triage and remediate every vulnerability.

In addition, traditional reliance on public sources like the National Vulnerability Database (NVD) is creating critical intelligence gaps. Our analysis reveals a significant backlog of nearly 42,000 vulnerabilities awaiting NVD analysis, leaving defenders without crucial insights. Flashpoint’s advanced vulnerability intelligence offerings address this delta directly, providing immediate access to these “missing” entries with comprehensive vulnerability metadata and technical insights.

2025 Threat Landscape: Ransomware

Ransomware remains one of the greatest financial and operational risks facing organizations worldwide, rising by 179% since the start of 2025. Despite significant advancements in cybersecurity defenses, it continues to thrive and evolve, fuelled by ransomware-as-a-service (RaaS) distribution and the interconnectedness of adjacent threats such as infostealers and vulnerability exploits.

2025 Threat Landscape: Data Breaches

Over the past four months, data breaches surged by 235%, with unauthorized access accounting for nearly 78% of all reported incidents. Data breaches are both the genesis and culmination of threat actor campaigns, serving as a source of continuous fuel for cybercrime activity. As a genesis, breaches provide attackers with various elements of personally identifiable information (PII). They are also the end result of the illicit operation, where stolen data is extorted or listed for sale for financial gain.

The Invisible Front: Emergent Cyber Threats and Profound Geopolitical Shifts

In 2025 boundaries between traditional warfare, cyber conflict, and geopolitical competition are dissolving. From state-on-state aggression and rapid rearmament in Europe to escalating proxy wars and record-setting cyberattacks, the security environment for governments, businesses, and civilians alike has grown more complex, more interconnected, and more volatile than ever.This convergence demands a holistic intelligence lens—one that connects cyber threats to geopolitical tensions, kinetic escalation to digital sabotage, and espionage to supply chain disruption.

“In today’s threat environment, where kinetic conflict, digital sabotage, economic warfare, and terrorism can be intertwined, understanding the full spectrum of risk is critical. By recognizing these converging threats and clearly communicating their implications to Boards and C-Suite leaders, security professionals can help their organizations address today’s crises while building the strategic resilience for what comes next.”

Andrew Borene, Executive Director of Global Security and International Markets, Flashpoint

Building Resilience in a Volatile Landscape

Flashpoint’s Global Threat Intelligence Index: 2025 Midyear Edition provides a critical snapshot of this year’s most prevalent and developing threats. By operationalizing the insights and strategies outlined in this report, organizations can proactively defend against evolving threats, adapt to the dynamic nature of cybercrime, and build a more secure and resilient future.

Download Flashpoint’s Global Threat Intelligence Index today to unlock critical insights and exclusive data.