2025 Threat Roundup

Top Cybersecurity Trends from Vedere Labs

We track the most impactful global cybersecurity trends, including cyber attacks, exploits, malware, and threat actors from 2025. Know where and how to focus your defenses.

Threats to critical infrastructure, government, and specific vertical industries using OT technology are increasing. See where.

Read the ReportAttend the Webinar

 

900M+

Attacks in 2025

900

Threat Actor Groups

48%

YoY Increase in Web App Attacks

84%

Surge in OT Protocol Attacks

Webinar: The Most Important Cybersecurity Trends of 2025

Join leaders from Vedere Labs for a deep dive into the defining cybersecurity trends from the last year. From shifting attack origins to major increases in attacks using OT protocols, we dissect pivotal behaviors from threat actors.

Top 10 Countries Originating Cybersecurity Attacks

Attacks Are More Distributed Now

The top 10 countries of origin account for 61% of all attacks — which is down 22% from 2024.

Countries appear in this dataset because:

  • Legitimate hosting providers are abused by attackers
  • Bulletproof hosting providers explicitly support criminal activity
  • Compromised hosts are used to launch attacks

Top 3 Attacked Service Types

Primary attack methods for web applications are vulnerability exploitation and scanning. It is now the dominant target by a wide margin.

  1. Web applications
  2. Remote management
  3. Remote storage

Top 10 Targeted Industries

Threat actor counts increased most in 2025 in:

  1. Manufacturing: 16% in 2025 had the highest expansion
  2. Healthcare: 13%
  3. Government: 6%
  4. Energy: 6%
  5. Financial services: 5%

Distribution of Exploitation by Software Type

Rapid Growth in Network infrastructure

Firewalls, routers, and VPN appliances at a four-year surge:

  1. 3% in 2022
  2. 11% in 2023
  3. 14% in 2024
  4. 19% in 2025

Threats Unleashed Across 178 Countries

The United States remains the most targeted. India ranked second, followed by Germany. Threat actors were associated with 45 origin countries in 2025. The largest share of actor groups was associated with China (210), Russia (112), and Iran (55).

Top 5 Attacks by OT Protocol

OT Security Attacks: Modbus Dominates

OT attacks surged 84% in 2025. Here are the top protocols OT system attackers focus on:

  • Modbus: 57%
  • Ethernet/IP: 22%
  • BACnet: 8%

Malware: Same As It Never Was

Compared to 2024, RATs increased from 27% to 35%. Infostealers moved from 29% to 35%.

Downloaders expanded, rising from 4% to 11% in 2025.

The “Others” category includes cryptominers, ransomware, worms, and other malware families.

See the Research, Share the Presentation

Vedere Labs shares an overview of the research in a presentation format for you and your security team to use and share. See the most important threats, attack behavior, and threat actors, and our recommendations for mitigating the risk.

How Forescout Helps

Discover. Assess. Control. Govern.

Your journey to Universal Zero Trust Network Access starts with the Forescout 4D platform™: the only platform for UZTNA powered by agentic AI. Continuously identify, protect, and ensure the compliance of all assets – IT, IoT, IoMT and OT – regardless of location, automatically. Deliver cloud-native network security intelligence boosted by agentic workflows from the pioneer of traditional NAC.

Shift from reactive firefighting to proactive risk management. Get continuous visibility into what’s actually exposed across every connected asset — managed or not, physical or virtual. The result? Priorities managed. Peace of mind.

See the Platform
Demo RequestForescout PlatformTop of Page