Rapid7’s Q1 2025 incident response data highlights that the biggest vulnerability for organisations is stolen credentials for accounts without multi-factor authentication (MFA), accounting for 56% of all incidents. Exposed remote desktop protocol services and SEO poisoning were also significant threats, while Malware as a Service (MaaS) loader BunnyLoader was the most frequently observed payload across various industries. Manufacturing was the most targeted industry due to its role in global trade and prevalence of unpatched legacy systems.
New PathWiper data wiper malware hits critical infrastructure in Ukraine
PathWiper, a new data wiper malware, is being used in targeted attacks against Ukraine’s critical infrastructure to disrupt operations. The malware was deployed through a
