3 Important Ways Attack Surface Management Must Evolve

For the second time in a row, Bitsight has been named an Overall Leader in the KuppingerCole Leadership Compass for Attack Surface Management (ASM)—and it’s not just a title. The report offers a deep dive into how organizations are using ASM to get ahead of cyber threats by proactively managing their digital risk.

Bitsight AI Empowers Microsoft's New Threat Intelligence Briefing Agent

Threat Intelligence (TI) has become the secret weapon of modern security teams—essential for identifying possible emerging threats before they escalate. But TI is only as valuable as its accuracy, relevancy, and timeliness. Unfortunately, many traditional TI approaches can no longer keep up, as security teams are plagued with information overload: too many signals, too little context, and limited resources to process everything. This is why the coupling of GenAI and TI is a game changer.

Bitsight Identifies Thousands of Security Cameras Openly Accessible on the Internet

Welcome to 2025, where thousands of internet-connected cameras meant to protect us are actually putting us at risk. In our latest research at Bitsight TRACE, we found over 40,000 exposed cameras streaming live on the internet. No passwords. No protections. Just out there. We first raised the alarm in 2023, and based on this latest study, the situation hasn’t gotten any better.

Beyond Compliance: How Cyber Threat Intelligence Fortifies Third-Party Risk Management

Third-Party Risk Management (TPRM) is a critical function for modern organizations, given the reliance on external vendors and partners. The interconnectedness of digital ecosystems means that a breach at a third party can have severe repercussions for your organization. In a recent Dark Reading survey, 30% of organizations experienced some or many supply chain attacks over the past 12 months, and only 14% of respondents reported being confident that their supply chain is completely secure.

Inside RansomHub: Tactics, Targets, and What It Means for You

Ransomware attacks are undeniably on the rise—but just how significant is the increase? According to Bitsight CTI researchers, ransomware attacks (as measured by unique victims listed on leak sites) rose by almost 25% in 2024, and the number of ransomware group leak sites rose by 53%. Ransomware is becoming the go-to tactic for financially driven threat actors seeking quick and substantial payouts.

What Is a Remote Access Trojan (RAT), and Why Should You Care?

According to our 2025 State of the Underground report—in which we take a look back at cybercrime on the deep and dark web from the past year—384 unique varieties of malware were sold in 2024, an increase from 349 in 2023. To determine this number, our research team examined malware and hacking tools for sale on the top three criminal forums, and as a result, we found that Remote Access Trojans (RATs) were the second most common form of malware in 2024, just behind stealer malware.

Lumma Stealer is Out... of business!

Since mid-2024, Bitsight has been collaborating with Microsoft’s Digital Crimes Unit and other partners to dismantle the operational capabilities of Lumma Stealer (LummaC2) — currently the most widely distributed information stealer. Early this week, a coordinated action was carried out to disrupt its operations and take down the supporting malware infrastructure.

The First Domino: How Credential Theft Leads to Bigger Breaches

In 2024, we collected 2.9 billion unique sets of compromised credentials—a jump from the 2.2 billion collected in 2023. While this rise can be explained by advancement in Bitsight’s credential collection capabilities, we assess that the precise number of credentials shared on the underground has also risen, fueled by increased data breaches and the spike in stealer logs.

State of the Underground 2025: Key Trends Shaping Cyber Risk Today

We know that everyone loves a feel-good, optimistic story, and when we set out to write our annual State of the Underground report — an analysis of nearly 2 billion intelligence items that we collected in 2024, including posts from underground forums and markets, Telegram messages, and news articles — we hoped to find the cyber equivalent of a cup of hot chocolate.