ENISA’s Threat Landscape 2025 report (published 1 October 2025) reveals that threat groups are reusing tools, evolving attack models, and collaborating to target the EU’s digital infrastructure. enisa.europa.eu+2enisa.europa.eu+2
Key findings:
-
DDoS attacks accounted for ~77% of reported incidents. enisa.europa.eu
-
Ransomware continues to be extremely impactful. enisa.europa.eu+1
-
Hacktivism is a major driver (often low-impact, but high volume). enisa.europa.eu+1
-
Phishing (60%) and exploitation of vulnerabilities (21.3%) were leading intrusion vectors. enisa.europa.eu
-
Public administration was the most targeted sector (~38%). enisa.europa.eu+1
This report is critical reading for any organization assessing threat exposure, incident response readiness, and security posture.
