Initial access brokers on cybercriminal forums are increasingly offering: corporate credentials (20%), RDP access (19%), admin panels (13%), web shells (12%).

Remote access tools like VPNs and RDP were correlated with 80% of ransomware attacks in 2024, up from 63% the year prior.

Of the successful leaked password login attempts on WordPress sites, 48% are bot-driven. The remaining 52% of successful logins on WordPress sites originate from legitimate, non-bot users.

76% of leaked password login attempts for websites built on WordPress are successful.