Huntress 2026 Cyber Threat Report

The threat landscape never stands still…and 2025 was no different.

Cybercrime has become the world’s third-largest economy, with costs expected to reach $12.2 trillion annually by 2031. The Huntress 2026 Cyber Threat Report, shaped by data from over 4M endpoints and 9M identities protected by the Huntress Security Platform, exposes how cybercriminals shifted their strategies, streamlined playbooks, and leveled up tradecraft to blend in better than ever. Here’s a sneak peek:

Download Your Threat Report

Oops! Something went wrong while submitting the form.

Remote Monitoring and Management (RMM) Abuse

Attackers continue to turn trusted admin tools against us, with RMM abuse jumping 277% year-over-year.

Malicious Use of AI

Generative AI-powered cybercrime isn’t just about smarter phishing scams anymore. It’s an underground economy, built entirely on the abuse of trust. This force multiplier puts powerful cyberattack tactics and tools in the hands of anyone, driving cybercrime to unprecedented levels of speed and sophistication.

Shady Social Engineering

Your people are the new attack surface. ClickFix and fake CAPTCHA scams are rampant, linked to over 50% of all malware loader activity.

Ransomware

Time-to-ransom (TTR) stretched from 17 to 20 hours as attackers focused on staying hidden, stealing data, and extorting victims.

Identity Attacks

Cybercriminals don’t have to break down the door. They use your legit credentials to unlock it, roam your networks, and pull off bigger attacks like business email compromise (BEC). Logins with a shady footprint make up 37% of all identity threats.