Kuala lumpur: Picus Security, the leading security validation company, today released the Blue Report 2025, based on more than 160 million real-world attack simulations in live production environments. Now in its third year, the report provides a data-driven assessment of how well security controls perform against today’s threats – and this year’s findings are the most concerning to date.

According to BERNAMA News Agency, while cyberattacks grow in both volume and sophistication, defensive effectiveness is declining. This year’s data paints a particularly grim picture: In 46% of environments, at least one password hash was successfully cracked, and data exfiltration attempts were only stopped 3% of the time, down from 9% in 2024. Combined, these trends show how quickly a single compromised credential can open the door to lateral movement and large-scale data theft. With infostealer malware tripling in prevalence and attackers increasingly bypassing defenses using valid logins, organizations face escalating risk from persistent and nearly invisible threats.