Cloudflare Q2 2025 Report: Cyber Threats Rise Globally Amidst Increased Internet Activity

Cloudflare has released its Q2 2025 Global Internet Trends and Insights report, highlighting notable changes in web traffic patterns, the volume of cyber threats, and security trends across global and regional levels. During the second quarter of 2025, Cloudflare reported blocking an average of 190 billion cyber threats daily worldwide. This signifies a 21% increase year-over-year (YoY), despite a 23% quarter-over-quarter (QoQ) decrease in threat volume following a surge earlier in the year. The company also managed an average of 5.8 trillion daily internet requests globally, marking a 9% QoQ increase and a 40% YoY jump, underscoring the ongoing expansion of internet usage.

Global Regional Breakdown – Q2 2025:

• North America (NAMER): 41.5 billion daily threats blocked, an 18% increase YoY and a 12% decrease QoQ.
• Europe, Middle East & Africa (EMEA): 62.7 billion daily threats blocked, up 22% YoY and down 16% QoQ.
• Asia-Pacific (APAC): 57.4 billion daily threats blocked, a 24% increase YoY and a 29% decrease QoQ.
• Latin America (LATAM): 19 billion daily threats blocked, up 15% YoY and down 36% QoQ.

Kingdom of Saudi Arabia (KSA) – Regional Internet Trends Snapshot:

KSA experienced no significant change in overall internet traffic compared to Q1 2025. However, mitigated traffic (cyber threats) saw a 6% QoQ decrease, indicating a relative reduction in targeted attacks within the region.

• Daily Request Traffic: 42.6 billion content requests served daily. Of these, 543 million (1%) were blocked as cyber-attacks, a 6% decrease QoQ.
• Cyber Threats Blocked Daily: 294 million cyber threats were blocked per day. This represents a 76% QoQ decrease, following an 890% spike in Q1 2025 due to sustained attacks on a Middle East project management training firm.
• Top Targeted Verticals in KSA: Internet, Consumer Goods, Information Technology & Services, and Airlines/Aviation.
• Primary Defenses Against Application Layer Attacks: Web Application Firewall (WAF) Rules accounted for 92% of defenses, with DDoS Mitigations at 8%.
• Most active WAF rules: HTTP Anomaly (20%), Cross-site Scripting – XSS (10%), and Directory Traversal (8%).

United Arab Emirates (UAE) – Regional Internet Trends Snapshot:

The UAE observed a 15% increase in internet traffic in Q2 2025 compared to Q1. Concurrently, mitigated traffic rose by 17% QoQ, reflecting heightened threat activity.

• Daily Request Traffic: 17.4 billion content requests served daily. Among these, 787 million (5%) were blocked as cyber threats, primarily DDoS attacks originating in the UAE, marking a 17% increase QoQ.
• Cyber Threats Blocked Daily: 1 billion cyber threats were blocked per day, a 63% increase QoQ.
• Top Targeted Verticals in UAE: Retail, Consumer Services, Banking, Financial Services & Insurance (BFSI), and Information Services.
• Primary Defenses Against Application Layer Attacks: DDoS Mitigations comprised 50% of defenses, and WAF Rules accounted for 49%.
• Most active WAF rule categories: HTTP Anomaly (16%), SQL Injection – SQLi (9%), and Cross-site Scripting – XSS (6%).

Bashar Bashaireh, AVP Middle East, Türkiye & North Africa at Cloudflare, stated, “Cloudflare’s Q2 data reinforces the dual reality of the internet today—while usage is accelerating at unprecedented rates, so are the sophistication and frequency of cyber threats.” He added, “Our mission remains focused on enabling a secure, fast, and reliable internet experience for every user, everywhere.”