In 2025, cybersecurity continued to evolve within a landscape increasingly shaped by geopolitical dynamics and the widespread adoption of artificial intelligence. This is one of the key findings of the second edition of the Cyber Security Report – Threat Analysis and Scenario Evolution, produced by TIM and the Cyber Security Foundation with the contribution of the TIM Research Center.
The report examines the main trends shaping the digital threat landscape and their impact on citizens, businesses and institutions, while also highlighting the collaboration between the public and private sectors in strengthening the country’s resilience.
Among the trends observed, ransomware remains one of the most significant threats. In 2025, more than 7,400 ransomware attacks were recorded worldwide, up 42% compared with the previous year. The phenomenon also grew in Italy, where 166 incidents were detected (+14%), particularly concentrated in areas with a high density of industrial and manufacturing activities.
Regarding DDoS attacks, the report highlights approximately 4,300 incidents detected during the year, down 36% compared with 2024, mainly thanks to the preventive measures implemented. However, the decrease in volume does not correspond to a reduction in overall pressure: attacks have become more targeted and persistent, with average exposure time increasing by 19%. Excluding households and individual citizens, the Government sector accounted for 46% of the affected targets.
The analysis also points to the growth in known vulnerabilities, which reached nearly 48,500 worldwide (+20%), and includes a specific focus on zero-day vulnerabilities—security flaws that are not yet known to software vendors and therefore lack available protections. These vulnerabilities are particularly dangerous for organizations and critical infrastructures because they can be exploited by cybercriminals before a patch or corrective measure is developed.
The report also provides an in-depth analysis of the role of artificial intelligence. While AI is increasingly being used to automate phishing campaigns, fraud schemes and the creation of malicious code, it also offers new opportunities to strengthen prevention activities, threat analysis and incident response capabilities.
Other topics covered in the study include the resilience of critical infrastructures, the need to reduce technological dependencies in strategic areas such as cloud, data and artificial intelligence in order to strengthen Europe’s digital sovereignty and technological autonomy, and the evolution of the European cybersecurity regulatory framework.
Finally, the report explores the opportunities and challenges posed by emerging technologies, from quantum computing to satellite networks, highlighting the need to develop approaches and solutions today that can enhance the security of tomorrow’s digital ecosystems.
In a constantly evolving digital environment, the Cyber Security Report continues to provide valuable insights into the key developments shaping the cyber landscape and to support the spread of an increasingly informed and widespread cybersecurity culture.
Read the full Cyber Security Report