Among undisclosed ransomware attacks in Q1 2026, Qilin led with 339 attacks (16%), The Gentlemen 200 attacks (9%), and Akira 190 attacks (9%).

MURKY PANDA deployed an operational relay box network across more than 150 endpoints in 36 countries, targeting 340 organizations across more than 30 sectors.

44% of middle market companies define roles and responsibilities for AI decision-making.

8% of Americans aged 65 and older say they are very comfortable using financial apps.

34% of Americans cite credit card fraud as their top concern.

54% of Americans aged 35 to 44 are concerned about peer-to-peer scams.

More than half of Americans under 35 are concerned about deepfake scams.

PRESSURE CHOLLIMA conducted the largest financial theft ever reported: $1.46 billion in cryptocurrency via a trojanized supply chain compromise.

17% of Americans aged 65 and older agree that the financial institution bears responsibility for fraud.

15% of organizations leave WordPress admin panels internet-facing.

Midmarket organizations average 56 days to remove exposures, nearly four times slower than smaller enterprises.

67% of ransomware victims confirmed their ransomware incident stemmed from an identity attack.

Across more than 750 major cyber incidents investigated in 2025, Unit 42® found that 87% required evidence from two or more distinct sources to establish what happened.

85% of organizations agree that fragmented identity systems and tools impact or delay their ability to detect and respond to identity-related threats.

Since 2023, the share of organizations deploying patches within six days has nearly quadrupled, rising from 15% to 59%.

Organizations experience an average 3.4% drop in stock price following a downtime event.

Attackers exploited vulnerabilities an average of seven days before public disclosure in 2025.

87% of monitored client-facing mobile applications faced attacks in 2026, up from 55% in 2022.

Mobile application attack rates progressed in a five-step trajectory of 55% → 57% → 65% → 82.7% → 87% over the five-year period from 2022 to 2026.

45.6% of employees' personal AI activity flows through enterprise tools their company is paying for.