- Flashpoint warns of an ‘age of total convergence’ in cybercrime
- 1,500% increase in illicit discussions on AI, 3.3 billion credentials stolen in 2025
- Ransomware evolves into identity-focused insider attacks
Cybercrime has entered the “age of total convergence,” where everything from reconnaissance and phishing generation to credential testing and infrastructure rotation is done through agentic AI frameworks without any human control, experts have warned.
Security researchers Flashpoint’s Global Threat Intelligence Report (GTIG) 2026 noted that this “high-velocity threat engine” lowers the barrier to entry and accelerates threats, forcing defenders to adapt or face the consequences.
According to the report, four converging forces are reshaping the global threat landscape: autonomous systems capable of executing end-to-end attacks at machine speed, identities as primary vectors for exploitation, vulnerabilities exploited in hours rather than days, and ransomware moving toward identity-centric, insider-enabled models.
Article continues below
Log in instead of breaking in
Flashpoint bases these findings on proprietary data, having apparently identified a 1,500% increase in illicit AI-related chats between November and December 2025, from around 360,000 to more than six million.
At the same time, the company observed 11.1 million devices infected by information thieves in 2025, stealing approximately 3.3 billion credentials and cloud tokens.
He says hackers are no longer interested in “breaking in” but rather in “connecting.” “The reality of identity data and the potential for its automation requires a shift in how organizations should view their attack surface,” the researchers said. “Infostealers have shown that they are no longer limited to corporate infrastructure; they now include employee browsers, personal devices, SaaS platforms and third-party access. »
The researchers also said that the window between vulnerability disclosure and exploitation is “disappearing” as they observe several high-impact vulnerabilities being exploited en masse “within hours of disclosure.”
Finally, ransomware incidents increased by 53% in 2025, with RaaS groups responsible for more than 87% of attacks. But instead of relying solely on encryption payloads, they now recruit malicious insiders, abuse authorized access, and exploit credential theft.
To stay secure, organizations should ensure they patch their vulnerabilities as soon as possible, Flashpoint said in the report. They should also focus on monitoring stolen credentials and compromised endpoints, strengthening identity security, and combining automated detection with human-led threat intelligence to quickly identify emerging risks.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
