Cloudflare Report Exposes Alarming Surge in Cyber Threats for 2025

From record-breaking DDoS assaults to AI-powered deepfake scams, attackers are exploiting weak spots in email and cloud security. Here's how they're outsmarting defenses—and what's next.


Cyber threats surged in 2025, with attackers adopting more sophisticated tactics to bypass security measures. A new report from Cloudflare's threat research unit, Cloudforce One, highlights a sharp rise in automated attacks, credential theft, and state-sponsored deception campaigns targeting global organisations.

The findings reveal how criminals and foreign operatives exploited gaps in email security, cloud services, and authentication systems to scale up their operations.

One of the most alarming trends was the doubling of distributed denial-of-service (DDoS) attacks. Cloudflare recorded 19 new world-record assaults, including a 31.4 terabits-per-second UDP flood in November. These attacks followed a pattern of routine, automated cycles, with the company blocking over 230 billion threats daily.

Credential theft also dominated the landscape. Bots made up 94% of all login attempts on Cloudflare's network, and nearly half involved stolen or leaked passwords. Infostealers like LummaC2 played a key role by extracting live session tokens, allowing attackers to bypass multi-factor authentication (MFA). This method contributed to 54% of ransomware incidents in 2025, with manufacturing and critical infrastructure bearing the brunt—over 50% of targeted attacks focused on these sectors.

State-backed groups refined their techniques as well. North Korean operatives secured jobs at Western firms using AI-generated deepfake profiles and U.S.-based laptop farms. Meanwhile, legitimate cloud platforms—including AWS, Google Cloud, and Azure—became tools for malicious activity. Email security remained a weak point, with 43% of messages failing SPF checks and 44% lacking valid DKIM signatures, enabling large-scale phishing campaigns.

The report underscores how attackers are leveraging automation, stolen credentials, and trusted cloud services to evade detection. With ransomware, DDoS assaults, and phishing all on the rise, organisations face growing pressure to strengthen defences. Cloudflare's data suggests these trends will continue into 2026, requiring more robust authentication and threat monitoring.
