Report an incident

Get 24/7 incident response assistance from our global team

Talk to sales

Just fill out the form, and our representative will contact you soon.

Join the Cybercrime Fighters Club

Please review the following rules before submitting your application:

1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.

2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.

High-Tech Crime Trends Report 2026

The age of supply chain attacks

Download report
High-Tech Crime Trends Report 2026
High-Tech Crime Trends Report 2026
The age of supply chain attacks

Cybercrime is no longer defined by isolated breaches. By compromising upstream vendors, SaaS platforms, open-source projects, and managed service providers, attackers inherit trusted access to hundreds of downstream organizations, transforming single intrusions into cascading, multi-victim incidents.

The High-Tech Crime Trends Report 2026 reveals how this shift has industrialized cybercrime, exposed the limits of perimeter-based defenses, and elevated identity and trust as the new primary attack surfaces.

Trust is no longer implicit – it must be
verified, monitored, and secured continuously.
The Interconnectivity and Impact of Supply Chain Attacks
2025 saw an escalation in the abuse of trusted vendor access that triggered a cascading impact across supply chains, impacting hundreds of organizations and millions of users worldwide.
Link arrow gradient
The Interconnectivity and Impact of Supply Chain Attacks The Interconnectivity and Impact of Supply Chain Attacks
In this report
6 mln
Users compromised
via Oracle breach caused by legacy environment exploit
800
Node Package Manager (NPM) packages compromised
via Shai-Hulud’s self-propagating worms
700
Organizations impacted
via compromised Drift/Salesloft/Salesforce OAuth tokens
70
Organizations impacted
via ransomware attack on sensitive data from Fintech firm Marquis
Key Findings
Cybercrime is now industrialized
around supply chains
Cybercrime is now industrialized around supply chains
Identity has become the primary attack
surface
Identity has become the primary attack surface
Browser and open-source ecosystems
are under sustained attack
Browser and open-source ecosystems are under sustained attack
Ransomware and APT Evolution
Ransomware and APT Evolution
Supply chain focused threats
The global cyber threat landscape is increasingly shaped by adversaries that exploit trust rather than directly attack systems.

Supply chain compromises now enable attackers to infiltrate widely used software and services, evading traditional defenses while achieving scale from a single entry point. As these threats blend into normal operations and persist across interconnected ecosystems, organizations must assume supply chain risk is inevitable and prioritize visibility, verification, and resilience across their technology stack heading into 2026.

Threat Actors
Scattered Spider
Scattered Spider
Region
Europe, America, APAC
Industries
Artificial intelligence, Blockc....
First seen
May 2022
Lazarus
Lazarus
Region
Global
Industries
Crypto, Energy & Utilities
First seen
2007
888
888
Region
APAC, META, Europe
Industries
Software, Commerce and sho
First seen
August 2023
DragonForce
DragonForce
Region
Asia-Pacific, Global
Industries
Government, Healthcare
First seen
August 2023
Shai-Hulud
Shai-Hulud
Region
Global
Industries
All
First seen
August 2025
Hafnium
HAFNIUM
Region
Global
Industries
Financial services, Governme...
First seen
January 2021
Ransomware
Ransomware has evolved into a highly organized supply chain ecosystem.
In 2025,

Supply chain compromises now enable attackers to fragmented ransomware-as-a-service groups and structured Initial Access Brokers began operating as integrated partners, while supply chain attacks through MSPs and SaaS platforms enabled scalable, low-friction intrusions.

Global: Top 10 Ransomware Groups by Number of Attacks in 2025
Link arrow gradient
Global: Top 10 Ransomware Groups by Number of Attacks in 2025
Global: Top 10 Industries Attacked by Ransomware Groups in 2025
Link arrow gradient
Phishing
Phishing and social engineering remained the main initial access vectors
for supply chain attacks, token compromise became far more prominent in 2025.

In several incidents, a single stolen OAuth token enabled access to interconnected tenants, third-party services, and CI/CD pipelines – driving large-scale data exfiltration and lateral movement. Attackers increasingly targeted high-trust integrations, turning identity compromise into a force multiplier for systemic breaches.

Global: Top 10 Industries Targeted by Phishing Attacks in 2025 Global: Top 10 Industries Targeted by Phishing Attacks in 2025
Download the High-Tech Crime
Trends Report 2026
High-Tech Crime Trends Report 2026
Fill out the form below to download the High-Tech Crime
Trends Report for more valuable data, actionable insights,
forecasts and recommendations.