Each quarter, we publish the Hall of Hacks report to provide a detailed look at the global cybersecurity landscape. The Q1 2025 edition is now live, delivering key insights into threat activity, major incidents, legal enforcement, policy changes, and investment trends across the industry.
This edition offers a full breakdown of the most critical developments between January and March 2025. It includes threat intelligence, top vulnerabilities, major funding rounds, new cyber policies, judicial outcomes, and incident impacts across regions and sectors.
Key Takeaways from Q1 2025
Here are the biggest takeaways from this quarter’s Hall of Hacks:
The Good
Over $4.4 billion raised across cybersecurity investments. Top rounds included SailPoint ($1.4B), ReliaQuest ($500M), NinjaOne ($500M), ID.me ($275M), and Island ($250M).
105 M&A deals recorded. Managed Security Services and Threat Detection were the most active sectors.
133 new cyber policies were introduced across 34 countries. Major developments include the EU’s DORA and Cyber Solidarity Act, China’s personal data laws, and several U.S. state-level privacy acts.
1,004 cybercrime-related arrests and 142 judicial actions. These included the sentencing of Evan Frederick Light and the indictment of state-backed groups like APT27.
The Bad
545 cybersecurity incidents documented, involving 282 active threat actors, 31 ransomware groups, and 3,725 CVEs.
Top malware families included Lumma Stealer, Gh0st RAT, njRAT, RedLine, and the newly surfaced Sosano spyware.
Notable vulnerabilities included CVE-2024-50603 and CVE-2024-54085, both with CVSS scores of 10.
Microsoft was the most vulnerable vendor by CVE count, with 587 CVEs, followed by Oracle, Linux, Cisco, and Google.
The Ugly
More than 3.2 billion records were exposed in Q1. Twitter/X alone accounted for 2.8 billion records. Other significant breaches impacted the New York Blood Center, PlayStation, and the Bangladesh Navy.
The largest cryptocurrency theft of the quarter involved $1.5 billion stolen from Bybit's Ethereum cold wallet.
Healthcare and government were the most affected sectors, with 153 incidents combined.
Major civil actions included MGM Resorts' $45 million settlement, Cognosphere's $20 million COPPA case, and CaixaBank's $4 million fine.
What to Expect Next?
The Q2 2025 Hall of Hacks report will be released beginning next week, with weekly breakdowns from the dataset focusing on:
Key ransomware and malware groups
New global policies and compliance changes
Breach analysis and attacker techniques
Arrests, indictments, and global enforcement efforts
Stay subscribed to keep up with the latest threat insights and strategic guidance delivered straight to your inbox!
Copyright © 2025 CyberMaterial. All Rights Reserved.