Report an incident

Get 24/7 incident response assistance from our global team

Talk to sales

Just fill out the form, and our representative will contact you soon.

Join the Cybercrime Fighters Club

Please review the following rules before submitting your application:

1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.

2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.

Europe Intelligence Insights, November 2025
← Research Hub

Europe Intelligence Insights, November 2025

Europe’s threat landscape continued to evolve between September and November, revealing new patterns in ransomware activity, initial access sales, and DDoS operations. This edition highlights the key actors, the affected industries, and the most targeted countries. It also puts emerging phishing tools in the spotlight.

Threat activity at a glanceThreat activity at a glance

Europe recorded 646 DDoS and hacktivism attacks, 322 ransomware incidents, and 119 initial access listings between September and November. Incidents ranged from targeted attacks on German health organizations to ransomware leaks hitting multinational firms.

Key developmentsKey developments

Ransomware groups targeted large enterprises, particularly in credit information services and imaging technology. Initial access brokers expanded their listings, which included a Serbian marine shipping company valued at 206 million dollars. Adversary-in-the-middle phishing remained active, with Tycoon 2FA leading in the observed campaigns.

DDoS and hacktivismDDoS and hacktivism

Hezi Rash, NoName057, and DarkStorm Team remained among the most active groups, with operations targeting health providers, government entities, and critical service organizations across Europe. The report provides country-level insights into activity levels and sector targeting.

Stop threats before they take over

Curious how these trends could affect your organization? Our team can help you interpret the findings for your environment.

Stay informed. Stay protected.

Relevant reports

We see the full picture of the evolving cyber threat landscape thanks to unique tools for monitoring the infrastructure used by cybercriminals and data from battlefields:

Intelligence Insights Report, November 2025
New
Trend Report
Intelligence Insights Report, November 2025
Explore the most notable cybersecurity events in the region and the best practices
Learn more
Intelligence Insights Report, October 2025
New
Trend Report
Intelligence Insights Report, October 2025
Explore the most notable cybersecurity events in the region and the best practices
Learn more
Intelligence Insights Report, September 2025
New
Trend Report
Intelligence Insights Report, September 2025
Explore the most notable cybersecurity events in the region and the best practices
Learn more