In Q3 2025, leak site posts increased by 11% from Q2 to Q3.

The utilities, energy/oil and gas, and aerospace and defense industries combined accounted for 21.5% of all detections by Trellix between April 1 to September 30, 2025.

68% of organizations invested in AI-powered protection capabilities in 2025

Injection attacks surged by 40% year-over-year.

27% of people are targeted by scam text messages daily.

Phishing attacks rose by 21% in 2025

15% of marketplace shoppers experience scams daily.

In Q3 2025, Qilin ransomware claimed 271 posts on their public leak site.

In Q3 2025, the majority of MDR incidents were contained within the early and middle stages of attack, with early-stage attacks at 44% and middle-stage attacks at 44%.

42% of consumers have encountered postal tracking scams.

In Q3 2025, the Akira ransomware group claimed 167 posts on their public leak site.

OpenAI’s GPT-5 Mini achieved a 72% pass rate on security tests, marking the highest recorded to date.

OpenAI’s standard GPT-5 achieved a 70% pass rate on security tests.

Delivery notification scams surged by 105.8% in November 2025 compared to the same period last year.

45% of organizations reported that their cyber insurance policy could be voided if required security controls were not in place.

PowerShell was the primary attack vector with 96,061 detections by Trellix, followed by Cobalt Strike with 85,986 detections targeting the IT-to-OT boundary.

By 2030, 50% of enterprises are predicted to face delayed AI upgrades and/or rising maintenance costs due to unmanaged generative AI technical debt.

97% of organizations reported negative impacts from supply chain breaches over the past twelve months, an increase from 81% in 2024.

54% of Defense Industrial Base members reported starting their Cybersecurity Maturity Model Certification journey with a strong implementation of NIST 800-171 standards and DFARS controls.

27% of consumers have fallen victim to ad-related malware.