Cybersecurity firm Darktrace recently issued its Annual Threat Report, which offered some startling statistics and findings. The Threat Report provides a “comprehensive assessment of the global cyber threat landscape and the trends shaping cyber risk in 2026.”
Findings are summarized below, but we strongly encourage read the whole report.
- Email attacks are getting more sophisticated (which we know). Darktrace analyzed 32 million phishing emails and determined that threat actors are using AI to create content and evade detection, in addition to a marked increase in “identity-targeting techniques.”
- QR-code phishing attacks increased 28% between 2024 and 2025. A new technique, dubbed “splishing” (“in which a QR code is split into two distinct images”) and QR code “nesting” (“where a legitimate QR code is embedded with a malicious one”) are designed to bypass link-scanning tools and re-route victims to malicious sites.
- Newly created domains are on the rise. 1.6 million phishing emails “relied on newly created domains spun up specifically for malicious activity.”
- “70% of phishing emails passed DMARC authentication, helping them appear legitimate to both users and automated controls.”
- Critical national infrastructure is being targeted.
The report is consistent with what we see on a day-to-day basis. It provides valuable insight into the threats facing companies and individuals and what the trends will be in 2026, all of which can be used to build a cybersecurity strategy and education for your organization.