State-backed malware, active MongoDB exploits, npm phishing, energy ransomware, crypto wallet theft, insider cybercrime, fines, and breaches dominated.