As the digital interdependencies among organisations in Asia-Pacific deepen, the High-Tech Crime Trends Report 2026 by Group IB reveals how cyber adversaries are adapting to exploit these relationships, turning what were once isolated incidents into sophisticated ecosystems of attack that can impact thousands downstream.
According to Group-IB, a staggering 263 instances of corporate access were sold on the dark web in 2025, illustrating the lucrative market for compromised credentials enabling these extensive assaults.
"Today’s cyber threats aren’t isolated events; they form interlinked chains of devastation," stated Dmitry Volkov, CEO of Group-IB.
The report underscores a critical shift: attacks are now focused on upstream vendors and service providers to gain speed, stealth, and scale.
The report identifies several key findings:
- Weaponising Open Source: Popular package repositories like npm and PyPI have become prime targets, where stolen maintainer credentials transform trusted development pipelines into distribution networks for malicious code. This has heightened the urgency for software integrity checks.
- Malicious browser extensions: Cybercriminals are increasingly hijacking trusted developer accounts and marketplaces to create extensions that steal credentials and financial data directly from users' browsers.
- AI-driven phishing attacks: The report highlights a troubling trend of AI-powered phishing campaigns targeting high-trust integrations, allowing attackers to bypass multi-factor authentication (MFA) and gain persistent access to sensitive platforms.
- Cascading data breaches: Rather than leaking data from a single victim, attackers are now targeting service providers to trigger multi-tenant exposure, amplifying the downstream impact on a broader scale.
- Industrialised ransomware supply chains: Coordinated operations among ransomware groups and initial access brokers signify a new level of orchestration in cybercrime, targeting industries such as manufacturing and financial services.
The role of AI
While AI is not the origin of these supply chain attacks, it has undoubtedly made them cheaper, faster, and more complex. The report reveals how unmonitored trust in software and services has transitioned into a strategic liability for organisations. As threats morph and intertwine, CISOs and CIOs in Asia must scrutinise their security strategies.
The report presents a dual challenge: organisations must bolster their cybersecurity frameworks while navigating the complexities introduced by AI and interconnected supply chains.
Invested leadership, proactive risk assessments, and robust governance models will be essential in mitigating these evolving threats. As Volkov asserts, "The need for resilience and vigilance in cybersecurity has never been more pressing."
