Recent reports reveal that vulnerability exploitation accounts for over 21% of cyber incidents in Europe, with attackers increasingly targeting supply chains to amplify their impact across interconnected systems.

ENISA's annual 'Threat Landscape' report, analyzing 4,875 cybersecurity incidents from July 2024 to June 2025, highlights evolving threats and attack techniques targeting Europe's digital infrastructure.

Ransomware remains a significant threat, encrypting or locking data and demanding payments in cryptocurrencies, causing major disruptions at airports like Berlin Brandenburg and London Heathrow.

Over half of all incidents, 53.7%, involve essential entities under the NIS2 Directive, emphasizing the critical need for cybersecurity resilience, especially as public administration faces a rise in hacktivist DDoS attacks.

State-aligned threat groups have intensified cyberespionage and information manipulation campaigns against EU organizations, often sharing tactics with hacktivists and cybercriminals, exemplified by 'Faketivism'.

Phishing remains the leading intrusion vector, responsible for about 60% of incidents, with automated models like Phishing-as-a-Service making attacks more accessible and efficient.

DDoS attacks, primarily carried out by hacktivists, account for 77% of incidents, often involving low-impact campaigns that overwhelm servers temporarily, while ransomware continues to be the most damaging threat.

Targeting of mobile devices is increasing, especially outdated models, exploiting vulnerabilities in mobile technology across Europe's digital landscape.

Public administration is the most targeted sector, accounting for 38.2% of incidents, driven by cyberespionage and hacktivist activities, with other sectors like transport and finance also affected.

Artificial intelligence is playing a dual role, supporting over 80% of social engineering attacks through AI-driven phishing, while also becoming a new target for supply chain attacks.

There is a rising concern over the increasing reliance on digital supply chains, with attacks targeting interconnected systems to magnify disruptions across entire networks.

The overall cybersecurity situation in the EU has worsened, with ENISA highlighting ransomware as the most impactful threat in 2025, underscoring the growing severity of cyber risks.