Initial access brokers on cybercriminal forums are increasingly offering: corporate credentials (20%), RDP access (19%), admin panels (13%), web shells (12%).

Remote access tools like VPNs and RDP were correlated with 80% of ransomware attacks in 2024, up from 63% the year prior.