CyberHappenings logo

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Phishing and vulnerability exploitation dominate EU intrusions

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Phishing and vulnerability exploitation were the primary methods of initial access in cyber-attacks against EU organizations over the past year. ENISA's Threat Landscape 2025 report analyzed 4875 incidents from July 1, 2024, to June 30, 2025. Phishing accounted for 60% of intrusions, followed by vulnerability exploitation at 21%. Outdated mobile devices and operational technology (OT) systems were identified as high-value targets. AI-powered phishing represented over 80% of social engineering activity worldwide by early 2025. The report also highlighted the growth of attacks targeting critical dependency points in the digital supply chain. DDoS attacks were the most frequent, accounting for 77% of reported incidents, with hacktivists being the dominant threat actor type.

Timeline

  1. 02.10.2025 11:45 1 articles · 2d ago

    ENISA reports phishing and vulnerability exploitation dominate EU intrusions

    Over the past year, phishing and vulnerability exploitation were the primary methods of initial access in cyber-attacks against EU organizations. The ENISA Threat Landscape 2025 report analyzed 4875 incidents from July 1, 2024, to June 30, 2025. Phishing accounted for 60% of intrusions, followed by vulnerability exploitation at 21%. The report also highlighted the growth of attacks targeting critical dependency points in the digital supply chain and the increasing use of AI in phishing campaigns.

    Show sources

Information Snippets

  • Phishing accounted for 60% of observed intrusions in EU organizations over the past year.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • Vulnerability exploitation was the second most common method of initial access, accounting for 21% of intrusions.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • Botnets and malicious applications were responsible for 10% and 8% of intrusions, respectively.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • 68% of intrusions led to follow-up malware deployment.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • Outdated mobile devices and operational technology (OT) systems were identified as high-value targets.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • AI-powered phishing represented over 80% of social engineering activity worldwide by early 2025.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • DDoS attacks accounted for 77% of reported incidents, with only 2% leading to service disruption.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • Hacktivists were linked to 79% of attacks, with financially motivated and cyber-espionage attacks at 13% and 7%, respectively.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • The Russian actor NoName057(16) was responsible for over 60% of hacktivist claims, using the DDoSia platform.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources
  • Public administration was the most targeted sector, accounting for 38% of attacks.

    First reported: 02.10.2025 11:45
    1 source, 1 article
    Show sources