In the latest edition of the Picus Red Report 2025, Picus Security has revealed a significant rise in credential theft, with a threefold increase in malware targeting credential stores, underscoring the growing sophistication of cyber threats and the need for robust security measures.

Key Findings:

• Threefold Increase in Credential Theft: The report highlights a 3X surge in malware specifically designed to steal credentials from password managers and browser-stored login data. This increase reflects the growing market for compromised logins and the evolving tactics of cyber adversaries

• Top 10 MITRE ATT&CK Techniques: The analysis of over 1 million malware samples revealed that 93% of malicious actions were related to the top 10 MITRE ATT&CK techniques. These techniques are consistently used by attackers to infiltrate and burrow deep into victims’ environments

• Rise of Infostealer Malware: The report introduces a new wave of infostealer malware, dubbed “SneakThief,” which employs multi-stage infiltration, advanced process injection, secure channel exfiltration, and boot persistence. These techniques enable attackers to siphon off credentials and entire networks without triggering alarms

These findings emphasize the critical importance of securing credential stores and implementing advanced threat detection and response strategies.

Need to know how Pucus can help you to defense against credential theft and to enhance the resilience to sophisticated cyber threats? Contact us (sales@idc.it) for a no-obligation chat!