Web DDoS and App Exploitation Attacks Surge in First Half of 2025

Radware’s monitoring showed a 39% increase in Web DDoS attacks compared to the second half of 2024, culminating in a record 54% quarter-over-quarter increase in Q2, indicating a dramatic escalation of cyber threats during the first half of 2025.

This escalation reflects a strategic pivot by threat actors toward smaller, sustained assaults below 100,000 requests per second (RPS), leveraging automated tools augmented by generative AI to democratize DDoS capabilities among emerging and loosely coordinated adversaries.

While average attack sizes diminished, peak incidents reached 10 million RPS in Q1 and 6.2 million RPS in Q2, underscoring the persistence of high-volume threats accessible to sophisticated actors.

Regionally, the Europe, Middle East, and Africa (EMEA) zone endured over half of these attacks, with Asia-Pacific (APAC) experiencing heightened exposure, contrasting a relative decline in North America.

Hacktivist Campaigns

Concurrently, network-layer (L3/L4) DDoS attacks rebounded aggressively, rising 85.5% from H2 ...