Record Activity Driven by Array of Options for Attackers

By Corvus Threat Intel & Risk Advisory

58 minutes

Last Updated May 26, 2025

Threat Intel & Vulnerabilities

Webinar replay

Key takeaways:

Ransomware hits new highs: Over 2,200 victims were listed on leak sites in Q1, a 35% jump from last quarter. Cl0p and RansomHub dominate: These two groups led activity, with Cl0p responsible for the most known attacks.
AI boosts phishing: Threat actors are using tools like GhostGPT to generate more convincing, hard-to-detect phishing emails.
Extortion-only attacks rise: Some groups are skipping encryption altogether and focusing solely on data exposure threats.
Social engineering evolves: New tactics include Microsoft Teams impersonation, deepfakes, and even physical mail scams.

Recent articles

Understanding Business Email Compromise and How It Drives Claims

Business Email Compromise drives billions in losses each year. Learn how BEC works, its impact on claims, and key defenses like out-of-band authentication.

Recent articles

ClickFix and FileFix: How Hackers Get Victims to Infect Their Own Computers

ClickFix and FileFix attacks trick users into self-infecting devices. Learn how they work, why they spread, and how to help defend against them.

Recent articles

Q2 '25 Travelers Cyber Threat Report: How BEC Drives Cyber Claims

Ransomware declines in Q2 2025, but BEC and social engineering fraud remain significant challenges for businesses. Learn more in our latest report.

Explore more articles