Roughly 29% of reviewed iOS shopping apps access user data without declaring it in their App Store Privacy Overview.

Social media is the leading medium for successful scams at 34%, surpassing email (28%), phone calls (25%), text messages (24%), and online ads (21%) in 2025.

36% of U.S. financial services executives reported lacking sufficient internal expertise to meet regulatory mandates.

33% of CISOs rank external threats as their number-one stressor.

The Roblox browser accounted for 18% of gaming attacks, indicating a platform-specific vulnerability

96% of organizations surveyed experienced data loss or exposure from misdirected email in the past year.

The proportion of retailers hit by extortion-only attacks tripled from 2% in 2023 to 6% in 2025

European organizations accounted for nearly 22% of global ransomware and extortion victims in 2025

Since January 1, 2024, more than 2,100 victims across Europe were named on extortion leak sites

40% of ransomware incidents began through vulnerability exploits

31% of Gen X plan to use ChatGPT to help them with gift ideas this holiday season.

Only 12% of organizations feel fully prepared to detect or respond to sensitive data being shared with GenAI tools.

49% say tool complexity is the biggest barrier to maturing their insider risk program.

21% of security professionals are concerned about whistleblowers sharing or exposing data.

45% of respondents are very concerned about sensitive data being shared with generative AI tools like ChatGPT.

Ransomware group Radiant published profiles of ten children following a ransomware attack on Kido International.

96% of all disclosed ransomware cases involved data exfiltration in Q3 2025.

There are a total of 20,000 MCP server implementations on GitHub.

Ransomware group Radiant threatened to release full profiles of 30 children following a ransomware attack on Kido International.

Unofficial marketplaces have indexed upwards of 17,000 open-source Model Context Protocol (MCP) server implementations.