Crypto miners saw a slight decline in Q2 2025, representing 5% of the total malicious packages identified, as attackers shifted towards more profitable and persistent vectors.

The malicious npm package named crypto-encrypt-ts, which masqueraded as a legitimate revival of the widely used CryptoJS library, accumulated nearly 1,928 downloads before analysis revealed its stealthy, data-harvesting nature.

7% of Gen X and Boomers report being less concerned about online security than they were five years ago.

The majority (67%) of consumers believe that their personal information is already on the dark web.

There was 118 total funding and M&A cybersecurity transactions.

Zelle transactions were accompanied by a 34% rise in attempted fraud in 2024.

Zelle transactions saw a 26% increase in value in 2024.

Scams are still the method of choice across 57% of attempted fraud transactions.

67% of all fraud is linked to just 7% of payments made to newly added payees

From 2023 to 2024, fraudsters' focus shifted back slightly towards Account Takeover (ATO) Fraud from Scams in terms of overall value of attempts.

The value of attempted fraud for international wires surged 40% in 2024.

In 2024, the total value of international wire transactions declined 6% year over year.

From a volume perspective, there was a slight shift towards Scams to 52% in 2024 vs. a 50/50 split in 2023.

In 2023, two hospitality companies attacked by Scattered Spider.

11 of the 21 incidents attributed to Scattered Spider over 36 months occurred in the short window between April and early July 2025, indicating a steep rise in activity in 2025.

In 2022, four technology companies attacked by Scattered Spider.

In 2025 (through 7/2/2025), four retail, four insurance, and three aviation firms attacked by Scattered Spider.

91% of companies analyzed by CyberCube are currently classified as "low risk" for Scattered Spider attacks.

In 2023, MGM absorbed approximately $100 million in losses due to Scattered Spider.

2% of large firms are at the highest risk from Scattered Spider. This equates to 287 companies in the analysed portfolio. These companies use three or more technologies frequently targeted by Scattered Spider and have security lapses the group exploits.