Flashpoint Report Finds Agentic AI Discussions on Criminal Forums Surged 1,500 Percent as Infostealers Fuel 3.3 Billion Stolen Credentials
Flashpoint's 2026 report documents a 1,500 percent spike in AI-related criminal forum activity, 3.3 billion stolen credentials from infostealers, and a 53 percent rise in ransomware incidents.
Overview
Flashpoint’s 2026 Global Threat Intelligence Report, released on March 11, documents what the company describes as a point of “total convergence” in cybercrime, where malware, identity theft, and infrastructure exploitation have collapsed into a single high-velocity threat engine. The annual report, drawn from Flashpoint’s Primary Source Collection across deep and dark web forums, illicit marketplaces, and encrypted channels, identifies four converging forces reshaping the threat landscape: the operationalization of agentic AI, identity as the primary exploit vector, the compression of the vulnerability exploitation window, and the evolution of extortion models.
The headline finding is a 1,500 percent surge in AI-related illicit discussions on criminal forums between November and December 2025, jumping from roughly 362,000 mentions to over six million in a single month. Flashpoint characterizes this as a transition from criminal curiosity to the active development of autonomous attack frameworks.
From Generative Tools to Autonomous Attack Chains
The report draws a distinction between the generative AI tools that threat actors adopted in 2024 and the agentic frameworks now under development. Where earlier tools assisted with phishing email drafting or code generation, the emerging agentic systems are designed to operate end-to-end attack chains without continuous human oversight. These autonomous systems can scrape target data, generate customized phishing content, test stolen credentials across multiple services, rotate infrastructure, and adapt tactics based on failed attempts.
Flashpoint CEO Josh Lefkowitz described agentic AI as a “force multiplier for the modern adversary,” noting that cybercrime is “rapidly transforming from human-led campaigns to machine-speed operations.” The report observes that integration challenges currently limit widespread deployment, with most threat actors still working with modular components rather than cohesive autonomous workflows, but warns that the trajectory points toward full operationalization.
The shift also introduces novel attack techniques. Flashpoint documents the rise of slopsquatting, where fake software packages are designed to trick AI coding assistants into recommending malware to developers, and steganographic prompting, where hidden instructions embedded in content override AI model behavior.
Infostealers and the Identity Crisis
The report’s second major theme is the transformation of identity into the primary attack vector. Flashpoint tracked 11.1 million machines infected with infostealers during 2025, generating an inventory of 3.3 billion stolen credentials and cloud tokens traded on illicit forums. The five most prevalent infostealers were Lumma, Acreed, Rhadamanthys, Vidar, and StealC, with Vidar 2.0 becoming the most widely adopted variant by January 2026.
The fundamental mechanics of intrusion have shifted from breaking into systems to logging in as legitimate users. Stolen session cookies allow attackers to bypass multi-factor authentication entirely, operating within enterprise environments as authenticated users. Flashpoint warns that pairing this credential inventory with agentic AI systems could enable automated testing against thousands of endpoints simultaneously, including corporate VPNs, SaaS platforms, and cloud services, at speeds that outpace conventional detection.
Google’s Cybersecurity Forecast 2026 echoes the credential theft concern, warning that the combination of infostealers, compromised identities, and AI-driven automation is creating conditions where traditional perimeter defenses are increasingly irrelevant. Google’s report also flags the emergence of “Shadow Agents,” employee-created AI tools operating without IT oversight that create uncontrolled pipelines for sensitive data.
Ransomware: More Attacks, Shifting Economics
Flashpoint recorded 8,835 ransomware attacks in 2025, a 53 percent increase year-over-year, with 87 percent attributed to Ransomware-as-a-Service groups. The most active operators were Qilin with 1,213 attacks, Akira with 1,044, Clop with 529, Safepay with 452, and Play with 395. The report also documented 91,321 instances of insider recruitment discussions on criminal forums, indicating that ransomware operators are increasingly targeting employees as an entry point.
Yet the financial picture tells a more complex story. Chainalysis data shows that total ransomware payments fell approximately eight percent to $820 million in 2025, despite the surge in attack volume. This marks the second consecutive year of flat or declining on-chain ransomware payments, suggesting a disconnect between the growing frequency of attacks and the willingness or ability of victims to pay. Improved backup strategies, greater law enforcement coordination, and a shift toward targeting smaller organizations with reduced capacity to pay may all be contributing factors.
Flashpoint notes that ransomware groups are pivoting from technical encryption toward “pure-play” identity extortion, targeting human trust and threatening data exposure rather than relying solely on locking systems. This evolution aligns with the broader identity-centric shift documented throughout the report.
Vulnerability Window Collapses
The report tracked 44,509 vulnerability disclosures in 2025, a 12 percent year-over-year increase, with 14,593 having publicly available exploit code and 466 confirmed exploitations in the wild. Flashpoint found that mass exploitation of newly disclosed vulnerabilities is now occurring within 24 hours of disclosure, effectively closing the strategic window that defenders once relied upon to patch critical systems.
The speed and resourcing of some exploitation campaigns demonstrated “preparation and resourcing typically associated with state operations rather than opportunistic cybercrime,” the report notes, citing Chinese advanced persistent threat groups affiliated with the People’s Liberation Army and Ministry of State Security targeting platforms used by government agencies, multinational enterprises, and defense contractors. North Korean actors were also observed posing as legitimate employees to steal funds and proprietary information.
Outlook
The convergence documented in Flashpoint’s report suggests that the traditional separation between different categories of cyber threat, whether malware, identity exploitation, vulnerability abuse, or insider threats, is dissolving into a unified operational model amplified by automation. The transition from human-directed to machine-speed operations represents a qualitative shift in the threat landscape that will test whether defensive capabilities can keep pace.