More Attackers Are Logging In, Not Breaking In
Dark Reading, Tuesday, March 17th, 2026
Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.
Credential theft is now the primary way attackers gain initial access to enterprise networks, and the speed, scale, and sophistication with which they are weaponizing stolen credentials is outpacing the ability of defenders to block them.
A new analysis of 2025 threat data by Recorded Future shows a startling increase in the volume of stolen credentials available in underground markets last year, suggesting accelerating attacks targeting usernames, passwords, authentication tokens, and other sensitive login data.