Ransomware groups are shifting their tactics from relying on phishing methods and are now prioritizing the exploitation of vulnerabilities to exfiltrate data from victims' systems. Additionally, these groups have adopted a more assertive strategy to extort and capitalize on vulnerabilities. They even invest in various avenues for financial profit, such as collaborating with other hackers to identify weaknesses in their ransomware code or leveraging Initial Access Brokers (IABs) to gain entry to their target victims.