26 February 2026 - Manchester, UK - NCC Group today released its Annual Cyber Security Research Report 2025, showcasing a year defined by rapid technological change, deep technical exploration and major advances across the global research organisation. The report reflects contributions from teams across the UK, Europe, North America and APAC, delivering over 1,100 research days, 40 publications, 17 new or updated public tools, 8 technical advisories, and 8 public reports, alongside hundreds of enhancements across more than 280 opensource repositories.
From AI-driven intrusions to post-quantum cryptography and secure automotive systems, NCC Group’s researchers continued to push boundaries across offensive and defensive security disciplines, strengthening global cyber resilience through open knowledge sharing, tooling and independent assurance-driven intrusions to postquantum cryptography and secure automotive systems.
Andy Davis, Global Research Director at NCC Group commented: “2025 marked a turning point in cyber security. AI-driven intrusions, post-quantum transition and cryptographically mature systems are transforming how we secure the digital world. Our research community continues to lead by combining deep technical expertise with responsible, transparent impact. This report reflects the ingenuity, collaboration and rigour of our global teams.”
AI security becomes a defining global challenge
The report outlines rapidly expanding risks associated with AI adoption, including real-time deepfake vishing, prompt injection, unsafe agentic AI behaviour, and the rise of “shadow AI.” NCC Group’s research emphasises that defending modern AI systems requires architectural controls, strong data trust boundaries and disciplined cloud-AI hardening, not guardrails alone.
Cryptography and postquantum readiness accelerate
The Cryptography Services team advanced applied research across post-quantum cryptography, private processing for AI inference, threshold signatures and secure messaging. NCC Group supported organisations preparing for PQC migration and delivered assessments across blockchain and quantum-enabled infrastructures as global adoption accelerates.
Deep technical specialism in exploitation and hardware security
NCC Group’s Exploit Development Group (EDG) continued to push boundaries in automotive exploitation, embedded device research, hypervisor security and AI-augmented vulnerability analysis. As exploitation becomes harder, the report highlights the growing need for specialist research and bespoke tooling to understand and defend against advanced threat actors.
Building confidence in cyber-physical and regulated environments
Transport, safety and cyber-physical systems research focused on cryptographically mature automotive architectures, UAS assurance, electrification ecosystems, and new demands from global regulatory frameworks. NCC Group continued to expand its leadership in Claims Arguments Evidence (CAE) and assurance for AI/ML in high-integrity systems.
About NCC Group Research
NCC Group’s global research organisation spans offensive security, cryptography, hardware, AI/ML, cyber-physical systems, threat intelligence and emerging architectures. With hundreds of specialists and thousands of research days delivered annually, we publish cutting-edge work, contribute to global standards and support secure innovation across industry and academia.
Contact
NCC Group Press Office
All media enquires relating to NCC Group plc.