Six Trends To Watch Out For In 2026 From HP Wolf Security
HP, Monday, December 29th, 2025
Attackers will accelerate their investments in cookie theft
"Generalized MFA deployment will accelerate threat actors' switch to stealing cookies and tokens instead of passwords. This means threat actors will need to act swiftly from time of theft, utilizing the stolen cookie before it expires to insert backdoors that then grant them persistent access. Online marketplaces will expand to enable this with rapid trading and exploitation.
Defenses against cookie and token theft are not mature and are inconvenient for users. This means that we will see attacks involving such theft becoming increasingly commonplace. This is particularly serious for privileged users such as sysadmins, who frequently use web browsers to access high value administrative web sites, such as EntraID, InTune, or AWS web portals, where cookie theft creates an easy path to a catastrophic enterprise breach.