42% of SMB owners and cyber leaders prioritized subscriptions to non-essential software over new cybersecurity investments in the past year.

30% of security leaders in the Netherlands report that AI is already improving security operations.

Threat actors utilizing AI and automation tools can achieve lateral movement within an organization in as little as 4 minutes, 85% faster than the previous year.

11.3% of software flaws pose real-world danger.

46.4% of SMBs experienced 3+ incidents in the past 12 months.

China-nexus activity increased by 38% in 2025.

67% of exploited vulnerabilities used by China-nexus actors delivered immediate system access.

Services using end-of-life language versions face exploitable vulnerabilities in 50% of cases

Extortion demands to suppress stolen data comprise 49% of extortion claims in the first half of 2025 and 65% of extortion claims in the second half of 2025.

Infostealers harvested more than 2 billion credentials.

32% of organizations identify AI as the most challenging cybersecurity spend to justify to business stakeholders.

High-risk vulnerabilities (flaws that are both severe and highly exploitable) increased 36% year-over-year.

87% of organizations have at least one known exploitable vulnerability in deployed services

50% of organizations adopt new library versions within 24 hours of release

QR code-based phishing attacks increased 28%, rising from 940,000 in 2024 to over 1.2 million in 2025.

The United States remains the most heavily targeted jurisdiction in leak site activity, followed by Canada, Germany, the UK, and other parts of Europe.

Multiple financings surpass $1 billion in investment in Q4 2025.

Q4 2025 records 387 IPOs globally, the strongest quarter since Q4 2022.

Data security represents 10% of deals in Q4 2025.

Identity management and behavioral intelligence delivered the largest breach cost savings, reducing insider risk costs by $6.1 million and $5.1 million per year, respectively.