69% of security leaders agree identity management must fundamentally change to support AI safely.

Organizations most confident in their AI deployments experience more than twice the incident rate of less confident peers.

7% of organizations don't know how often AI is making autonomous infrastructure changes at all.

Relying on static credentials for AI systems correlates with a 20-percentage-point increase in incident rates.

The technology sector represented 45% of all network-layer DDoS attacks, up from 8.77% in 2024.

North America accounted for 63.1% of all network-layer DDoS attacks globally, followed by the Middle East (16.1%) and Europe (13.7%).

Malicious web application and API transactions rose 128% year over year.

Vulnerability exploitation accounted for 41.8% of observed application-layer attacks, rising to nearly 58% in Q4 2025.

In the first six months of 2025 bad bot activity reached 89.2% of the total volume observed across all of 2024.

North America accounted for 40.7% of malicious bot transactions, followed by APAC (25%), EMEA (19.1%) and Central and Latin America (15.2%).

Europe accounted for 48.4% of all claimed hacktivist attacks, compared with the Middle East (17.7%) and Asia (17.5%).

Israel received 12.2% of claimed hactivist attacks, the United States 9.4%, and Ukraine 8.9% of claimed attacks.

Government services are the primary target in 38.8% of all claimed hactivism attacks.

The hacktivist group NoName057 (16) claimed 4,693 attacks, the highest number claimed by a single hacktivist entity.

90% of ransomware incidents exploit firewalls through a CVE or a vulnerable account.

The fastest ransomware case observed, involving Akira ransomware, takes just three hours from breach to encryption.

11% of detected vulnerabilities have a known exploit.

The most widely detected vulnerability is CVE-2013-2566, which dates to 2013.

66% of incidents involve the supply chain or a third party, up from 45% in 2024.

96% of incidents involving lateral movement end with the release of ransomware.