BlueVoyant’s Threat Fusion Cell analyzed vetted OSINT and BVSOC telemetry for the third quarter of 2025, tracking over 360 active threat groups, 600 malware strains, and 121 campaigns.

Social engineering, especially phishing, remains the dominant initial access vector, while supply chain compromises spiked more than 300%. This report distills key trends and implications across initial access, victimology, sector targeting, malware, ransomware/extortion, and email lures.

Download now to learn:

• The top initial access methods and their prevalence
• Where attackers are focusing by industry and geography
• Telemetry and malware shifts gleaned from 15,170 events in 3Q2025

Use these insights to prioritize controls, validate defenses against top tactics, and brief stakeholders on risks most likely to impact your organization.