Food is popular in passwords, with "tea" appearing in 36 million entries, "apple" in 10.7 million, "rice" in 4.9 million, "orange" in 3.6 million, "Pizza" in 3.3 million.

Seasons are popular in passwords, with "Summer" appearing in 3.8 million entries.

Statistics for the First Four Months of 2025 (Year-to-Date): Healthcare: 34 confirmed attacks logged so far this year. 115 further unconfirmed attacks are being monitored, Government: 49 confirmed attacks logged throughout 2025 so far. 89 further unconfirmed attacks are being monitored, Education: 27 confirmed attacks logged throughout the first four months of this year. 69 further unconfirmed attacks are being monitored, Businesses: 165 confirmed attacks across 2025 so far. 2,118 further unconfirmed attacks are being tracked.

Most Prolific Ransomware Strains by Number of Confirmed Attacks in April 2025: Akira: Had the most confirmed attacks with three in total, Qilin: Had two confirmed attacks, NightSpire: Had two confirmed attacks, Silent: Had two confirmed attacks. Silent was new to the scene in April with just four claims in total, Sarcoma: Had two confirmed attacks.

Specific Ransom Demands Mentioned: Virgin Islands Lottery (VIL) refused a $1 million ransom demand, Oregon Department of Environmental Quality (DEQ) refused a $2.7 million demand from Rhysida, CPAS de Jemeppe-sur-Sambre (a Belgian social welfare centre) refused a €70,000 ransom demand, Medusa claimed an attack on Fall River Public Schools with a $400,000 ransom demand, Manchester Credit Union reported that Sarcoma attackers did not demand a ransom.

A fifth of OEMs are unsure of which regulations or standards apply regarding cybersecurity.

Under one-quarter of OEMs can deploy a security update within weeks

Passkey implementation has reached 48% of the world’s top 100 websites

More than half of consumers believe passkeys are both more secure (53%) and more convenient (54%) than passwords.

74% of consumers are aware of passkeys.

Security and time-to-market are ranked equally as top business priorities by OEMs.

Only one-fifth of OEMs are implementing a compliance plan for the EU Cyber Resilience Act. This is also stated as nearly one-fifth of respondents who admit they have no compliance plan regarding cybersecurity regulations.

Among people familiar with passkeys, 54% consider them to be more convenient than passwords.

More than two thirds of users familiar with passkeys turn to them for simpler, safer sign-ins.

69% of consumers have enabled passkeys on at least one of their accounts.

Over a third of OEMs cite prioritization as the top roadblock to establishing an explicit Device Lifecycle Management (DLM) process.

Over 35% of people had at least one of their accounts compromised due to password vulnerabilities in the last year.

Among those who have used passkeys, 38% report enabling them whenever possible.

More than half of OEMs claim to comply or plan to comply with cybersecurity regulations.

Nearly half of product launch delays stem from software issues like bugs, deployment problems, and new security patches, say OEMs.