Nation-state and hacktivist attacks that caused physical consequences doubled in 2025.

In 2025, there were 57 breaches with physical consequences, a 25% reduction from 2024.

In 2025, the USA and Germany were #1 and #2 targets for breaches with physical consequences. Russia was #3.

Nearly 40% of the top-targeted vulnerabilities impacted end- of-life (EOL) devices.

23% of CVEs directly impact network devices like VPN appliances, next-generation firewalls (NGFWs), load balancers, routers, and others.

25% of the top-targeted vulnerabilities impact widely used frameworks and libraries.

32% of the top-targeted vulnerabilities are at least a decade old.

The number of device registration events reported by users as fraud increased 178% from 2024 to 2025.

Technology is the top-targeted industry at 36% for MFA spray attacks.

In 2025, attackers compromised victims via phishing emails in 40% of Talos IR cases.

In 2025, IT spending rose from 3.2% to 3.9% of revenue in the retail and hospitality industry.

35% of retail and hospitality CISOs plan to increase full-time security staff in 2026.

71% of retail and hospitality CISOs identify AI as a primary concern, citing risks such as data leakage, insider misuse, and insufficient governance controls.

Only 21% of organizations enforce protections like cooldown periods.

Fewer than half of organizations plan to increase budgets for 2026.

84% of bank leaders are concerned about fraud and scams targeting their customers.

53% of bank leaders believe their bank could take more strategic risk.

79% of bank CEOs, board members, chief risk officers and senior executives are concerned about fraud.

In 2025, 88% of SMB breaches involved ransomware, more than double the rate at large enterprises.

The average breach goes undetected for 181 days.