In 2025, malicious QR codes were observed in 19% of phishing attacks.

The average organization experienced 223 incidents of data policy violations related to generative AI applications each month from October 2024 to October 2025.

In 2025, obfuscations to hide URLs from detection were seen in 48% of phishing attacks.

The number of known phishing kits doubled during 2025, reaching a significant increase in active use.

In 2025, 'ClickFix' social engineering techniques were used in 1% of phishing attacks.

100% of advanced email threats bypassed incumbent email security, including Microsoft E3/E5 and leading secure email gateways.

In 2025, 57% of CISOs reported that their organizations took more than 4.5 days on average for full remediation and recovery after a cyber incident.

16% of email-related healthcare breaches in 2025 involved business associates.

Nearly 3 in 4 organizations in the United States have a fragmented IAM stack.

The percentage of AI users utilizing personal AI applications decreased from 78% to 47% from 2024 to 2025.

87 out of every 10,000 users clicked on a phishing link each month in 2025.

In 2025, 90% of high-volume phishing campaigns utilized Phishing-as-a-Service (PhaaS) kits.

DocuSign accounted for more than 20% of all advanced email attacks analyzed.

In late 2025, there were 10 million Mamba 2FA phishing attacks recorded.

The percentage of users uploading data to personal cloud applications increased by 21% over the past year, with 31% of users in the average organization uploading data monthly.

In 2025, malicious attachments were present in 18% of phishing attacks.

In 2025, the use of 'Blob URIs' was noted in 2% of phishing attacks.

73% of global business leaders were or knew someone directly affected by cyber-enabled fraud in 2025.

12% of organizations detected employee exposure to malware via GitHub each month in 2025.

In 2025, not a single Chief Information Security Officer (CISO) reported being able to recover from a cyber incident within a day.