Exclusive insights into the latest Threat Intelligence. Keeping constant watch over the cyber and geopolitical landscapes so you don’t have to.
Monthly Threat Intelligence Report
Cyber attack methods evolve in November despite attack volume plateauing
● Global ransomware attacks fall by 2% in November (583)
● Industrials account for a quarter (25%) of all ransomware attacks
● Qilin remains the most prolific ransomware group for the fourth month in a row, accountable for 17% of attacks
● ClickFix attacks prove popularity, after a surge in use by 517% in H1 2025
17 December 2025 – Global ransomware attack volumes plateaued in November, according to NCC Group’s latest Cyber Threat Intelligence Report. While overall activity dipped slightly month-on-month by 2%, threat groups continued to evolve, demonstrating increasing sophistication through collaboration and the adoption of new tactics.
Monthly webinar
Our team of Threat Intel experts keep a constant watch over the cyber and geopolitical landscape, so you don’t have to.
Introducing our monthly highlights webinar, giving you further insight and exclusive access to what's going on now. Join our Global Head of Threat Intelligence, Matt Hull, each month for:
- A deeper understanding of the latest report findings
- A look at emerging trends by region and sector
- Insight into new threat actors
- Spotlight on the most impactful active cyber threats
Our next webinar will take place on January 20th 2025, 4pm GMT.
Matt Hull
Global Head of Threat Intelligence
Subscribe to our monthly reports and webinars for the latest on recent and emerging advances in the threat landscape and a deep understanding of the latest Tactics, Techniques and Procedures (TTPs) of threat actors.
Cyber Threat Intelligence report archive
On demand videos
Missed a webinar? Find every past recording in our showcase:
View now
Never miss any intelligence.
Hit the button below to get our monthly reports and highlight webinars straight to your inbox.