Akira has already listed 15% more victims in the first half of 2025 than it did throughout the entirety of 2024.

Retail trade accounted for only 4% of total ransomware victims in Q2 2025.

Construction was the third most targeted sector by ransomware in Q2 2025.

Akira showed a 348% rise in the number of organizations named in Q2 2025 compared to the same period last year.

Qilin emerged as the top ransomware threat in Q2 2025.

Phone numbers are sometimes reused on consecutive days in TOAD attacks.

Most phone numbers found in email threats leveraging the TOAD social engineering technique are Voice over Internet Protocol (VoIP) numbers.

NortonLifeLock, PayPal, and Geek Squad were among the most impersonated brands in TOAD emails with PDF attachments

Microsoft and Docusign were among the most frequently impersonated brands in phishing emails with PDF attachments.

A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, employing Telephone-Oriented Attack Delivery (TOAD) or callback phishing.

Sectors like social media (28%), hospitality (22%), and automotive (13%) face a steeper path to consumer confidence regarding data trust

Financial institutions (57%) score highest on trust when it comes to collecting and using customer data.

Only 23% of consumers say they fully understand how their data is used.

Threat actors have generated more than 17,000 AI-written GitBook phishing pages specifically targeting crypto users.

29% of the suggested incorrect domains given by an LLM in return to a query were unregistered, parked, or had no active content, leaving them vulnerable to takeover by malicious actors

LLM model returned the correct URL for brands two-thirds (66%) of the time.

62% of consumers feel like they have "become the product".

In a sophisticated campaign to poison AI coding assistants, Netcraft uncovered an effort where an attacker promoted a fake API. At least five victims were found to have copied this malicious code into their own public projects, some of which showed signs of being built using AI coding tools.

5% of the suggested incorrect domains given by an LLM in return to a query pointed users to completely unrelated, albeit legitimate, businesses

Out of 131 hostnames provided by the LLM in response to natural language queries for 50 brands, a significant 34% were not controlled by the brands at all.