Core Insights - The primary driver of DDoS activity is geopolitical and ideological conflict, with hacktivism evolving into a persistent threat in 2025 [10] - Cyberattack activity has dramatically escalated in 2025, with increasing sophistication, speed, and scale of threats facing organizations globally [2][11] DDoS Attack Trends - Network-layer DDoS attacks increased by 168.2% year over year, with peak attack volumes reaching almost 30 Tbps, indicating a resurgence of brute-force volumetric attacks [3] - Web DDoS attacks surged by 101.4% compared to 2024, with most high-impact attacks lasting less than 60 seconds, making traditional defenses less effective [4] - In the second half of 2025, the average Radware customer experienced over 25,351 network-layer DDoS attacks, averaging 139 attacks per day [7] Targeted Industries and Regions - The technology sector accounted for 45% of all network-layer DDoS attacks, a significant increase from 8.77% in 2024 [7] - North America was the most targeted region, accounting for 63.1% of all network-layer DDoS attacks globally, followed by the Middle East (16.1%) and Europe (13.7%) [7] - EMEA accounted for 57% of all Web DDoS attacks, while APAC saw a 485% year-over-year increase in Web DDoS activity [8] Application and API Attacks - Malicious web application and API transactions rose by 128% year over year, confirming the application layer as the primary battleground for modern cyberattacks [5] - Vulnerability exploitation accounted for 41.8% of observed application-layer attacks, rising to nearly 58% in Q4 2025 [8] Bad Bot Activity - Bad bot activity increased by 91.8%, driven by generative AI tools that lowered the barrier for attackers [9] - In the first half of 2025, bad bot activity reached 89.2% of the total volume observed in all of 2024 [16] Conclusion - The threat landscape is evolving rapidly, with attackers leveraging automation, AI, and multi-vector strategies to disrupt operations at scale [11]

Core Viewpoint - Radware has announced a new share repurchase plan, authorizing the buyback of up to $80 million of its ordinary shares, which will expire on March 15, 2027 [1]. Group 1: Share Repurchase Plan - The 2026 Plan allows management to repurchase shares through open market transactions, privately negotiated transactions, or other legally permissible methods based on market conditions [2]. - The repurchase will comply with U.S. securities laws, including Rule 10b-18 of the Exchange Act, and applicable Israeli law [2]. - The company is not obligated to repurchase a specific number of shares and may suspend or terminate the plan at management's discretion [2]. Group 2: Company Overview - Radware is a global leader in application security and delivery solutions for multi-cloud environments, utilizing AI-driven algorithms for real-time protection against sophisticated cyber threats [3]. - The company's solutions are relied upon by enterprises and carriers worldwide to address evolving cybersecurity challenges while reducing costs [3].

Core Viewpoint - Radware, a leader in application security and delivery solutions for multi-cloud environments, is set to announce its fourth quarter and full year 2025 financial results on February 11, 2026 [1]. Financial Results Announcement - The financial results will be discussed in a conference call hosted by Radware management on February 11, 2026, at 8:30 a.m. EST [2]. - Investors can register for the call through a provided link [2]. Replay Availability - A replay of the conference call will be accessible approximately 24 hours after the live event on Radware's investor relations website [3]. Company Overview - Radware specializes in application security and delivery solutions, utilizing AI-driven algorithms for real-time protection against sophisticated cyber threats [4]. - The company's solutions are designed to help enterprises and carriers address evolving cybersecurity challenges while reducing operational costs [4].

Core Viewpoint - Radware, a leader in application security and delivery solutions, is set to announce its third quarter results on October 29, 2025, and will provide an outlook for the fourth quarter of 2025 [1][2]. Company Overview - Radware specializes in application security and delivery solutions for multi-cloud environments, utilizing AI-driven algorithms for real-time protection against sophisticated cyber threats [4]. - The company's solutions are relied upon by enterprises and carriers globally to address evolving cybersecurity challenges while reducing operational costs [4]. Conference Call Details - The management will host a conference call on October 29, 2025, at 8:30 AM EDT to discuss the third quarter results and future outlook [2]. - Participants are encouraged to join the call 15 minutes early, with US and international dial-in numbers provided [2]. Replay Information - A replay of the conference call will be available for seven days after the event, with specific telephone numbers for access [3].

Core Insights - Radware Ltd is recognized as a leading cybersecurity stock, emphasizing its commitment to global expansion and enhanced attack mitigation capabilities [1][2] - The company has opened two new cloud security centers in Tel Aviv, Israel, and Bogota, Colombia, increasing its total to 50 centers worldwide [2][3] - The expansion has boosted Radware's attack mitigation capacity to over 15 terabytes per second, improving response times for application and denial-of-service attacks [2] Company Overview - Radware Ltd specializes in application security and delivery solutions for multi-cloud environments, utilizing artificial intelligence algorithms to protect against various cyber threats [4] - The company aims to strengthen its presence in the EMEA and Latin America regions through its recent expansion efforts [3]

Core Insights - The report by Radware highlights a significant shift in credential stuffing attacks, moving from volume-based methods to sophisticated, multi-stage infiltration techniques [1][2] Attack Methodologies - 94% of analyzed configurations implement four or more business logic attack elements, with 54% demonstrating advanced orchestration using over 13 distinct techniques [6] - 83% of configurations contain explicit API-targeting techniques [6] - 24% of attack scripts alternate between two device types during execution, with 71% employing cross-platform transitions, primarily between iOS and Windows [6] Target Industries - The primary target sector for these attacks is Technology/SaaS at 27%, followed by financial services/government at 16%, and travel/airline at 13% [6] - High-value AI tools are targeted in 44% of all technology-related attacks, indicating a shift towards exploiting these tools for phishing content [6] - Corporate tools, including Microsoft 365, OneDrive, and Outlook, are also significant targets for ransomware groups seeking initial access to organizational systems [6] Threat Actor Concentration - 51% of the analyzed configurations were created by just three advanced threat actors, indicating a concentration of expertise in the field [6] - Each of these threat actors has over two years of operational experience in specialized areas such as AI platform authentication bypass and mobile API exploitation [6]

Core Insights - The report highlights a significant gap in cybersecurity defenses, particularly against AI threats and API vulnerabilities, with only 8% of organizations currently utilizing AI-based protection solutions [3][17] - There is a growing concern regarding business logic attacks, with many organizations lacking adequate training and documentation to effectively mitigate these risks [6][17] Group 1: Cybersecurity Landscape - The weaponization of AI by malicious actors is intensifying cybersecurity threats, leading to increased vulnerabilities in web applications and APIs [4][17] - Organizations are experiencing a surge in API usage, with a 42% increase in 2025 compared to 2023, yet they remain poorly protected against associated risks [17] - Only 29% of security staff are fully trained to handle API business logic attacks, indicating a significant skills gap in the industry [6][17] Group 2: Organizational Preparedness - A lack of confidence in defensive measures is prevalent, with many organizations admitting to major concerns about their cybersecurity readiness [8][17] - On average, only 6% of organizations have full documentation for all their APIs, which complicates risk management [3][17] - Half of the respondents are unaware of the third-party code being used in their applications, raising concerns about data security [6][17] Group 3: Financial Implications - Downtime caused by application DDoS attacks can be costly, averaging $6,100 per minute or $366,000 per hour [17] - Organizations face high compliance pressures, with 54% expressing significant concern regarding various regulations [17]