Market Overview - The global cyber insurance market is projected to reach up to $50 billion by 2030, increasing from an estimated $16 billion to $20 billion in 2025 [3] - The market experienced significant growth from 2020 to 2022, with a peak year-over-year growth of nearly 61% in 2021 [3] Recent Trends - Following a period of rapid premium increases due to a complex cyber threat landscape, growth slowed to 1.62% in 2023 and contracted by 7.11% in 2024 [4] - The market remains mostly buyer-friendly, but risks from ransomware and supply chain issues persist, with artificial intelligence expected to exacerbate threats [4] Future Outlook - Insurers are anticipated to refine policy language and address AI-related exposures while focusing on risk management strategies to mitigate impacts from deepfake technology and social engineering [5] - Cyber insurance prices are expected to remain flat through at least the first half of 2026, following a stabilization after three years of market softening [7] - The healthcare sector is experiencing slightly higher cyber insurance prices due to a less competitive claims environment [7]

Nike is investigating a potential data breach after ransomware group World Leaks claimed on its website that it had leaked 1.4 terabytes of data related to the company’s business operations, Reuters reported Monday (Jan. 26).By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions .Complete the form to unlock this article and enjoy unlimited free ac ...

Core Insights - The article discusses the rise of a criminal organization known as "The Com," which recruits young individuals, primarily teenagers, to conduct ransomware attacks against major corporations, exploiting their technical skills and naivety [3][4][19]. Recruitment and Operations - The Com prioritizes female candidates and offers training for inexperienced individuals, with compensation of $300 per successful call, paid in cryptocurrency [2][19]. - The organization has infiltrated U.S. and UK companies with a combined market cap exceeding $1 trillion, targeting around 120 companies, including well-known brands like Nike and Louis Vuitton [3][4]. Tactics and Techniques - The Com employs sophisticated social engineering tactics, utilizing platforms like LinkedIn and Slack to gather information about employees and corporate structures [7][10]. - Members of the group often mimic legitimate help desk calls to extract sensitive information from employees, exploiting the asymmetry in authentication processes [11][20]. Youth Involvement and Risks - Many of the young recruits are unaware of the severe legal consequences, with some facing federal charges and significant prison sentences for their involvement [4][17]. - The article highlights that the recruitment often begins in gaming communities, where young individuals are groomed for cybercrime [15][23]. Gender Dynamics - The organization has seen an increase in female participation, which is strategically leveraged for social engineering due to societal biases that underestimate women [19][22]. - Despite the growing number of female recruits, the leadership remains predominantly male, and women are often not given opportunities for advancement within the organization [22]. Parental Awareness and Cybersecurity - Parents often remain unaware of their children's involvement in cybercrime until law enforcement intervenes, highlighting a gap in monitoring online behavior [6][26]. - The complexity of online crimes makes it difficult for parents to recognize warning signs, necessitating a more proactive approach to cybersecurity at home [25][26].

Two former employees of cybersecurity companies pleaded guilty to federal crimes for launching their own ransomware attacks in a plot to extort millions of dollars from victims around the US https://t.co/VSALwiKGgy ...

Fintech firm Marquis alerts dozens of US banks and credit unions of a data breach after ransomware attack https://t.co/0QeNwu6y2C ...

US, UK, and Australia sanction Russian ‘bulletproof’ web host used in ransomware attacks https://t.co/WVv2GQY54n ...

Core Insights - Rapid7's Q3 2025 Threat Landscape Report highlights the evolving tactics of threat actors, emphasizing the acceleration of vulnerability exploitation and the rise of ransomware groups leveraging artificial intelligence [1][2][5] Vulnerability Exploitation - The total number of newly exploited vulnerabilities decreased by 21% from Q2 to Q3 2025, yet attackers are increasingly targeting older, unpatched vulnerabilities, including those over a decade old [2] - The exploitation of critical vulnerabilities in Microsoft SharePoint (CVE-2025-53770) and Cisco ASA/FTD products illustrates the urgent need for timely patching [3] Ransomware Activity - The number of active ransomware groups surged to 88 in Q3 2025, up from 65 in Q2 and 76 in Q1, indicating a significant increase in ransomware activity [4] - New alliances among ransomware groups, such as Qilin, SafePay, and WorldLeaks, are targeting various industries and employing innovative tactics like fileless operations and single-extortion data leaks [4] AI and Cyber Warfare - Generative AI is facilitating the creation of sophisticated phishing campaigns and adaptive malware, lowering barriers for cybercriminals [5] - Nation-state actors from Russia, China, and Iran are refining their tactics, focusing on supply chain and identity system attacks, which blur the lines between espionage and disruption [5] Report Overview - The Rapid7 Threat Landscape Report provides a comprehensive analysis of global adversary behavior, covering various threats from ransomware to state-sponsored operations and AI-driven attacks [7]

it is 2025 and silicon valley elite still think publicly traceable blockchains like bitcoin are dangerous because "ransomware" while forgetting that cash is literally untraceableretardioCoinDesk (@CoinDesk):⚠️ @reidhoffman explains why Silicon Valley feared crypto: "crypto is... the preferred ransomware for people holding, you know, uh, critical infrastructure, hospitals, other kinds of things hostage." https://t.co/lPTHeKjl1b ...

Cybersecurity Threats - Three cybersecurity company employees allegedly engaged in criminal hacking activities [1] - The alleged plot involved launching ransomware attacks [1] - The aim was to extort millions of dollars from victims across the US [1]

Three employees at cybersecurity companies spent years moonlighting as criminal hackers, launching their own ransomware attacks in a plot to extort millions of dollars from victims around the country, US prosecutors allege https://t.co/uVx9DtjhqV ...