Before disruption, Lumma Stealer activity in H1 2025 was higher than in H2 2024 (+21%).

NFC-based fraud spiked by more than thirty-five-fold.

46% of UK HR leaders reported that security concerns directly triggered their HR software purchases last year.

The SLED sector faced 50% of droppers attacks.

Nearly half (45%) of UK HR professionals are worried about privacy risks related to AI-powered HR tools, which is the highest percentage among all countries surveyed.

While 60% of organisations feel manual risk management tools meet basic needs, only 29% can determine risk at every stage of the vendor lifecycle using these tools.

Only 12% of TPRM programs now cite a lack of AI strategy as a barrier, which is a significant decrease from 49% in 2024.

Danabot activity was up even more, by +52%.

Fewer than 20% of AI apps are visible and controlled within enterprises.

ClickFix, a new deceptive fake error attack vector, surged by over 500% compared to H2 2024 in ESET telemetry.

Yearly data from 2024 shows that while ransomware attacks and the number of active gangs have grown, ransom payments saw a significant drop

Android adware detections jumped 160%.

Nearly 70% of Third-Party Risk Management (TPRM) teams report being understaffed.

While 60% of organisations feel manual risk management tools meet basic needs, just 15% feel prepared to respond to third-party incidents.

Some companies are already adopting more than 100 AI applications.

75% of UK HR leaders consider security a critical feature when researching and implementing HR software.

There is an almost 30% gap between existing and ideal team sizes in TPRM.

While 60% of organisations feel manual risk management tools meet basic needs, only 29% can determine risk at every stage of the vendor lifecycle using these tools.

The SLED sector faced 70% of ransomware attacks.

The presence of compliance teams in TPRM jumped from 42% in 2023 to 88% in 2025.