The European Union Agency for Cybersecurity, ENISA, has published its 13th annual report on the state of the cybersecurity threat landscape. The report covers the period of July 1, 2024 to June 30, 2025 and is based on 4,875 incidents.
The main points in the report are:
- Intrusion activity remains significant, with ransomware at its core.
- State-aligned threat groups intensified their long-term cyberespionage campaigns against the telecommunications, logistics networks and manufacturing sectors in the EU.
- Hacktivist activity continues to dominate reporting, representing almost 80% of recorded incidents and driven primarily by low-level distributed denial-of-service operations.
- Public administration networks remain the primary focus (38%).
- Phishing remains the dominant intrusion vector (60%) and is evolving through techniques used in largescale campaigns.
- Vulnerability exploitation remains a cornerstone of initial access (21.3%), with widespread campaigns rapidly weaponizing them within days of their disclosure.
- Artificial intelligence has become a defining element of the threat landscape, with AI supported phishing campaigns reportedly represented more than 80 percent of observed social engineering activity worldwide, with adversaries leveraging jailbroken models, synthetic media and model poisoning techniques to enhance their operational effectiveness.
Read more about it here.