Malicious traffic surged nearly 20% from Q1 to Q2 2025.

Desktop-based threats targeting dating platforms declined by 16%.

Excluding U.S. traffic, the highest concentrations of fraud hubs are found in Brazil (over 11%), Great Britain (nearly 10%), Vietnam (over 6%), and Nigeria (9%).

Dating platforms experienced a 61% surge in mobile attacks.

The overall device distribution for dating platforms flipped from 55% desktop prevalence to just 39% desktop prevalence.

Overnight fraud surges were observed in Vietnam (38%), Mexico (38%), and India (36%).

Attack automation services targeting gaming increased from 15% to 25% of all gaming-related attacks.

The Roblox browser accounted for 18% of gaming attacks, indicating a platform-specific vulnerability

Sign-up fraud traffic in the Fintech sector escalated to 17 times the industry average.

Great Britain was responsible for 44% of attacks specifically targeting the Fintech sector.

The use of attack automation services increased from 31% to 36% of all attacks from Q1 to Q2 2025.

Average attack size grew by over 12% from Q1 to Q2 2025, demonstrating that attacks are becoming larger and more aggressive in scale.

Evening fraud attack peaks were observed in Pakistan (65%) and The Philippines (43%).

32% of organizations attribute their most significant data loss events to malicious insiders.

29% of organizations adopting AI have the CIO and IT org leading AI security.

Malicious applications accounted for 8% of initial access vectors.

Malicious spreadsheets (e.g., XLS, XLSX) totaled 4% of threats in Q2 2025, showing a 2 percentage point drop from Q1 2025.

Malicious web browser downloads made up 23% of threats in Q2 2025, with no change compared to Q1 2025.

Malicious Copy Paste (T1204.004) did not make the top 10 technique list.

29% of ransomware incidents involved infecting devices with other malicious payloads.