Ontinue's 2025 Report Highlights Rise in MFA-Breaking Attacks

Ontinue has released its 1H 2025 Threat Intelligence Report, which highlights a significant increase in identity attacks that bypass multi-factor authentication (MFA) and exploit overlooked security gaps, announced in a press release. The report provides an in-depth analysis of cybersecurity trends observed in the first half of 2025.

Key findings from the report include a notable rise in cloud persistence tactics, with nearly 40% of Azure intrusions involving multiple persistence methods. The report also notes that token replay abuse was involved in roughly 20% of live incidents, allowing adversaries to bypass MFA even after password resets.

Additionally, Ontinue observed a 27% increase in USB-borne malware, emphasizing the ongoing risk posed by removable media. The report also highlights a doubling of third-party risks year-over-year, with nearly 30% of incidents linked to vendor compromise.

The report underscores the importance of integrating real-world threat intelligence into security testing and emphasizes the need for continuous, intelligence-led security processes to combat evolving threats effectively.