机构报告：安全成Web3行业长期生存的核心变量

Core Insights - The Web3 security company CertiK released its 2025 annual security report, highlighting the ongoing development of the Web3 industry amidst increasing security risks [1][2] - In 2025, there were 630 security incidents in the Web3 sector, resulting in total losses of approximately $3.35 billion, a 37% increase compared to 2024 [1] - Despite a decrease of 137 incidents from the previous year, the average loss per attack surged to $5.322 million, marking a 66.6% increase [1] Incident Analysis - Supply chain attacks emerged as the largest risk source in 2025, with only two recorded incidents but total losses reaching $1.45 billion, accounting for nearly half of the annual losses [1] - Phishing remained the most common security threat, with 248 recorded incidents causing losses of about $723 million, slightly surpassing code vulnerability attacks (240 incidents) [2] - The report suggests that the actual impact of phishing attacks may be underestimated, as many incidents targeting individual users go unreported [2] Technological Impact - The proliferation of artificial intelligence is amplifying phishing attacks, as attackers utilize AI to create highly realistic phishing websites and messages, enhancing the success rate and stealth of these attacks [2] - CertiK emphasizes that security is no longer optional for Web3 projects and individual users, but a critical variable affecting long-term survival [2]