Inside 2025's Top Threat Groups: Why Familiar Actors Still Have The Upper Hand
Security Boulevard, Monday, January 5th, 2026
As cyberattackers evolve at a pace defenders can't match, new research uncovers the threat groups behind today's most destructive incidents and the organizational weaknesses keeping security teams a step behind.
Over the past year, we've seen tremendous growth in ransomware activity from some of the world's leading groups, including RansomHub, LockBit, DarkSide, APT41, and Black Basta.
For the most part, these groups also rely on older tactics to gain access. Phishing remains the top gateway to entry, while other common tactics include social engineering, software exploitation, and stolen credentials. Despite many of these attack tactics looking familiar year after year, organizations still find themselves reacting from a position of disadvantage - constantly starting on the back foot.