Cloudflare’s inaugural 2026 Threat Report, released March 3, 2026, documents what its researchers call a “fundamental shift toward the industrialization of cyber threats.” Drawing on visibility into 20 percent of all global internet traffic and the telemetry behind 230 billion threats blocked per day, the report identifies eight converging trends that are reshaping the attack surface for every organization connected to the internet. The numbers behind those trends are stark: 47.1 million DDoS attacks were mitigated by Cloudflare in 2025 alone, a 121 percent year-over-year increase, while a single botnet pushed a record-breaking 31.4 terabits per second of traffic in December 2025. This is no longer a threat landscape of isolated incidents. It is an industrialized assembly line of attacks built for volume, speed, and scale.

The Record Nobody Wanted: 31.4 Tbps in 35 Seconds

In December 2025, Cloudflare’s autonomous defense systems absorbed the largest publicly disclosed distributed denial-of-service attack in recorded history. The attack peaked at 31.4 terabits per second and lasted just 35 seconds, simultaneously generating 14.1 billion packets per second. For reference, the previous world record stood at 3.8 Tbps, set in October 2024, meaning the record increased by more than 726 percent in 14 months. Within that same year, the DDoS bandwidth record was broken at least five times.

To put 31.4 Tbps in practical terms: it exceeds the combined internet bandwidth of most mid-size countries. A single volumetric attack of that magnitude, if not stopped in milliseconds by autonomous systems, would knock entire national networks offline. Human incident responders operating on even a 5-minute response cycle would arrive to find the attack already over, having accomplished its disruption.

“DDoS attacks have crossed the threshold where autonomous defenses are no longer optional but essential,” said Matthew Prince, co-founder and CEO of Cloudflare. “At 31.4 Tbps, no human-in-the-loop response cycle is fast enough. The window for intervention is measured in seconds, not minutes.”

Aisuru-Kimwolf: The Botnet Behind the Records

The record-breaking attacks trace back to the Aisuru-Kimwolf botnet, a distributed army of between 1 and 4 million infected hosts dominated by compromised Android TV boxes, consumer routers, and other IoT devices. Cloudflare mitigated 2,867 Aisuru attacks between January and December 2025. In Q3 2025 alone, Cloudflare mitigated 1,304 hyper-volumetric attacks launched by Aisuru, a 54 percent quarter-over-quarter increase.

Aisuru’s target profile spans telecommunications providers, gaming companies, hosting providers, and financial services. The botnet routinely exceeded 1 terabit per second and 1 billion packets per second during standard operations, with record spikes reaching the 31.4 Tbps peak. By Q4 2025, hyper-volumetric attacks as a category grew 40 percent quarter-over-quarter, compounding a 700 percent overall size increase compared with late-2024 benchmarks.

The Aisuru architecture reflects a broader trend: botnets built from consumer devices that owners never patch, running firmware with known vulnerabilities, connected to high-bandwidth residential and commercial internet links. Each compromised Android TV box contributes a fraction of a gigabit. Multiplied across millions of devices, those fractions become terabits within seconds.

2025 DDoS Volume: Key Metrics at a Glance

| Metric | 2025 Figure | Year-over-Year Change |
| --- | --- | --- |
| Total DDoS attacks mitigated (Cloudflare) | 47.1 million | +121% |
| Network-layer (L3/L4) attacks | 34.4 million | Tripled vs. 2024 |
| Application-layer (L7) attacks (Q2 2025) | +74% YoY | Rising quarterly |
| Average attacks mitigated per hour | 5,376 | Up from 2,430 in 2024 |
| Record DDoS peak (December 2025) | 31.4 Tbps | +726% vs. Oct. 2024 record |
| Aisuru peak packets per second | 14.1 billion pps | New all-time record |
| Hyper-volumetric attack growth (2025 vs. late 2024) | +700% | Record broken 5+ times |
| Q1 2025 attacks alone | 20.5 million | 96% of full-year 2024 total |

AI Erases the Skill Barrier for Attackers

Perhaps no trend in the Cloudflare 2026 report carries more long-term weight than the weaponization of generative AI. Threat actors are using large language models to perform real-time network mapping, accelerate exploit development, and generate hyper-realistic deepfakes at a scale that previously required state-level resources. Cloudforce One, Cloudflare’s threat intelligence team, tracked a threat actor who used AI to identify the precise location of high-value data across a cloud environment, then exploited that intelligence to compromise hundreds of corporate tenants in a single cascading supply chain attack.

CrowdStrike’s 2026 Global Threat Report corroborates the acceleration. Attacks by AI-enabled adversaries increased 89 percent year-over-year. The average eCrime breakout time, the window between initial access and lateral movement across a network, fell to 29 minutes, a 65 percent improvement in attacker speed from 2024. The fastest recorded breakout occurred in just 27 seconds. These are not theoretical speeds. They represent real intrusions that defenders experienced in 2025.

“The combination of AI-generated exploits and dramatically compressed dwell times means the traditional assume-breach playbook now needs to assume 30-minute breach,” said Adam Meyers, SVP of Counter Adversary Operations at CrowdStrike. “Detection programs built around a 24-hour investigation window are structurally obsolete.”

IBM X-Force research adds another dimension. In 2025, researchers found more than 300,000 ChatGPT account credentials listed for sale on dark web marketplaces. As AI tools are woven into corporate workflows and given access to sensitive data stores, those credentials become a new category of high-value target. A compromised AI agent credential is not just a user account; it is often a fully authenticated gateway to every resource the agent was permitted to touch.

Nation-State Pre-Positioning Inside U.S. Infrastructure

The Cloudflare 2026 report identifies a strategic pivot by Chinese state-sponsored threat actors. Salt Typhoon and Linen Typhoon, both tied to Chinese intelligence services, have shifted focus from broad-spectrum espionage toward persistent pre-positioning inside North American critical infrastructure. Their current priority targets are telecommunications providers, government entities, and IT services firms.

Pre-positioning is distinct from traditional cyber espionage. Rather than exfiltrating data and withdrawing, these actors install dormant code on networks and systems of rival states, creating access points that can be activated in a future conflict. The telecommunications sector is particularly exposed because compromising a carrier’s infrastructure provides access not only to the carrier’s own data but to communications metadata and routing for millions of downstream customers.

IBM X-Force’s regional data from 2025 reflects the same geographic shift. North America became the most attacked region in the world for the first time in six years, accounting for 29 percent of all incident response cases, up from 24 percent in 2024. Asia Pacific, which led the rankings in prior years, fell from 34 percent to 27 percent, a substantial redistribution of attacker focus that tracks with the escalating geopolitical tension between the United States and China.

North Korean Operatives in Western Payrolls

One of the more operationally novel findings in the Cloudflare 2026 report concerns North Korea’s remote IT worker program. North Korean operatives are using AI-generated deepfakes and fraudulent identity documents to bypass hiring filters at Western companies, embedding themselves directly into corporate payrolls. Once hired, these workers use U.S.-based “laptop farms,” physical locations where remotely controlled computers run with legitimate American IP addresses to mask the worker’s actual location in North Korea.

The program serves dual purposes. It generates illicit revenue that flows back to the North Korean government, helping fund weapons programs under economic sanctions. It also places operatives with legitimate corporate access credentials inside target organizations, enabling both long-term espionage and the potential for destructive attacks at a time of Pyongyang’s choosing. CrowdStrike’s 2026 data identifies a 42 percent increase in zero-day vulnerabilities exploited before public disclosure, and insider access substantially reduces the difficulty of finding and exploiting those zero-days.

Token Theft Has Effectively Retired Traditional MFA

Multi-factor authentication was once considered the gold standard for access control. The Cloudflare 2026 report argues that traditional MFA has been functionally neutralized by a combination of infostealer malware and session token harvesting. Infostealers like LummaC2 do not need to crack a password or intercept a one-time code. They harvest active, authenticated session tokens directly from a compromised endpoint’s memory or browser storage.

An attacker with a stolen session token can authenticate to a service as if they were the legitimate user, skipping the entire MFA challenge because authentication has already occurred. The token represents a post-authentication state. From the server’s perspective, the session is valid. CrowdStrike’s data shows that 82 percent of detections in 2025 were malware-free, meaning attackers increasingly rely on stolen credentials and session tokens rather than deploying traditional malware, which is far more likely to trigger security tooling.

“Token theft represents a fundamental change in the attacker’s workflow,” said Mark Hughes, President of Security at IBM Consulting. “When you steal the session rather than the password, you inherit the user’s authenticated context. You are in the system, not trying to get into it. That distinction matters enormously for detection strategy.”

The defensive response requires a shift toward continuous session validation, device trust scoring, and behavioral anomaly detection rather than relying on authentication events as a security boundary. Organizations still measuring MFA adoption as a primary security metric are addressing a problem attackers largely solved two years ago.
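The continuous validation described above can be made concrete in a session store. The following is an added example, not code from the Cloudflare report or from any vendor: a bearer token is bound at issuance to a device fingerprint and a coarse network location, and every request re-checks that binding, so a token lifted from an endpoint and replayed elsewhere is revoked even though the token itself was issued legitimately. The posture signals, the /24 network check (IPv4 only), and the idle and step-up policies are assumptions chosen for the demo.

```python
# Added example (not from the Cloudflare report): continuous session validation.
# A session token is bound at issuance to a device fingerprint and a coarse
# network location; every request re-checks that binding. A replayed token
# that arrives from a different device is revoked. Policies are assumed values.
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class Session:
    user: str
    device_fp: str               # hash of posture signals seen at issuance
    net_prefix: str              # /24 of the issuing client (constructed IPv4 only)
    last_seen: float
    risk_events: List[Tuple[str, float]] = field(default_factory=list)


class SessionStore:
    MAX_IDLE = 900               # assumed policy: 15 minutes idle ends the session

    def __init__(self, server_secret: bytes) -> None:
        self._secret = server_secret
        self._sessions: Dict[str, Session] = {}

    @staticmethod
    def fingerprint(device: Dict[str, str]) -> str:
        """Hash posture signals (constructed: hostname, OS build, client cert thumbprint)."""
        material = "|".join(f"{k}={device[k]}" for k in sorted(device))
        return hashlib.sha256(material.encode()).hexdigest()

    @staticmethod
    def _prefix(ip: str) -> str:
        return ip.rsplit(".", 1)[0]

    def _key(self, token: str) -> str:
        # Store only an HMAC of the token so a dump of the store is not a token dump.
        return hmac.new(self._secret, token.encode(), hashlib.sha256).hexdigest()

    def issue(self, user: str, device: Dict[str, str], ip: str, now: float) -> str:
        token = secrets.token_urlsafe(32)
        self._sessions[self._key(token)] = Session(
            user, self.fingerprint(device), self._prefix(ip), now)
        return token

    def validate(self, token: str, device: Dict[str, str], ip: str, now: float) -> Tuple[str, str]:
        """Return (verdict, reason); verdict is 'allow', 'step_up' or 'deny'."""
        key = self._key(token)
        s = self._sessions.get(key)
        if s is None:
            return "deny", "unknown or revoked token"
        if now - s.last_seen > self.MAX_IDLE:
            del self._sessions[key]
            return "deny", "idle timeout"
        if self.fingerprint(device) != s.device_fp:
            # Valid token, wrong device: treat as replay, revoke, require fresh auth.
            s.risk_events.append(("device_mismatch", now))
            del self._sessions[key]
            return "deny", "device mismatch: token replay suspected"
        if self._prefix(ip) != s.net_prefix:
            # Same device, new network: plausible roaming, so step up rather than deny.
            s.risk_events.append(("network_change", now))
            return "step_up", "network change: re-verify before continuing"
        s.last_seen = now
        return "allow", "ok"
```

The design point is that the authentication event is no longer the boundary: the store treats each request as a fresh decision, and the device binding is what turns "the session is valid" into "the session is valid for this endpoint."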

SaaS Integration Risk: One API Key, Hundreds of Victims

The third major structural vulnerability identified in the Cloudflare 2026 report involves over-privileged SaaS integrations. Modern enterprise technology stacks connect dozens or hundreds of SaaS applications through API integrations, often configured with broad permissions that made initial setup easier. The connective tissue of those API integrations creates a risk amplifier: a single compromised API key or OAuth token at a high-connectivity provider can cascade into a breach affecting hundreds of distinct corporate environments.

Cloudforce One tracked exactly this scenario, observing a threat actor who, after compromising one high-connectivity SaaS platform, leveraged its API integration graph to reach and compromise hundreds of downstream corporate tenants. The breach originated in one place and landed in hundreds, without the attacker needing to perform separate intrusions against each victim. The blast radius was a function of the integration architecture, not the attacker’s effort.

This dynamic is partly a legacy of aggressive SaaS adoption without corresponding access governance. Many integrations were configured by developers seeking functionality, not security professionals evaluating minimum-necessary permissions. The result is an enterprise environment where a single point of compromise can produce hundreds of breach notifications.

Trusted Cloud Tools Turned Into Attack Infrastructure

Attackers have adapted to a world where security tools monitor for suspicious traffic and unusual domains. The Cloudflare 2026 report documents a response: adversaries now route malicious activity through legitimate, trusted cloud services including Google Calendar, Dropbox, and GitHub. Command-and-control traffic disguised as Google Calendar events. Exfiltrated data staged in Dropbox folders. Malicious payloads hosted on GitHub repositories.

These services are on every enterprise allowlist. Their traffic is SSL-encrypted, their domains are trusted, and their IP ranges are often excluded from inspection rules to avoid performance overhead. Security teams that built detection logic around suspicious domains and unknown IP addresses have no obvious signal to alert on when an attacker’s C2 infrastructure runs through Google’s servers.

The defensive implication is that content inspection, behavioral analytics, and data loss prevention need to extend to traffic destined for trusted cloud services, not just unknown or suspicious destinations. That is a significant operational shift for organizations that treated major cloud platforms as inherently safe destinations.
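One form that extended inspection can take is behavioral analysis of traffic to allowlisted destinations. The following is an added example, not code from the Cloudflare report: it runs two checks over constructed proxy log lines for hosts on a trusted-services list, flagging low-jitter periodic check-ins (a beaconing pattern) and bursts of outbound bytes (a staging pattern). The log format, the host list, and the thresholds are constructed for the demo.

```python
# Added example (not from the Cloudflare report): beaconing and bulk-upload
# detection over proxy logs, applied only to allowlisted cloud destinations
# that many rule sets skip. Log format and thresholds are constructed.
import statistics
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

# Constructed sample in the form "epoch src_ip dest_host method bytes_out".
SAMPLE_LOG = """\
1700000000 10.0.0.7 calendar.google.com GET 310
1700000300 10.0.0.7 calendar.google.com GET 312
1700000600 10.0.0.7 calendar.google.com GET 309
1700000900 10.0.0.7 calendar.google.com GET 311
1700001200 10.0.0.7 calendar.google.com GET 310
1700001500 10.0.0.7 calendar.google.com GET 308
1700000040 10.0.0.9 calendar.google.com GET 2100
1700000530 10.0.0.9 calendar.google.com POST 4400
1700003900 10.0.0.9 calendar.google.com GET 1900
1700000100 10.0.0.12 content.dropboxapi.com POST 52000000
1700000160 10.0.0.12 content.dropboxapi.com POST 48000000
1700000220 10.0.0.12 content.dropboxapi.com POST 51000000
"""

# Destinations that are on the allowlist and therefore need behavioral checks.
TRUSTED_HOSTS = {"calendar.google.com", "content.dropboxapi.com",
                 "github.com", "raw.githubusercontent.com"}

Row = Tuple[int, str, str, str, int]


def parse(log: str) -> List[Row]:
    rows: List[Row] = []
    for line in log.splitlines():
        ts, src, host, method, out = line.split()
        rows.append((int(ts), src, host, method, int(out)))
    return rows


def beacon_score(timestamps: List[int]) -> Optional[float]:
    """Coefficient of variation of inter-request gaps; near zero means a fixed cadence."""
    ts = sorted(timestamps)
    if len(ts) < 5:
        return None
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    mean = statistics.mean(gaps)
    if mean == 0:
        return None
    return statistics.pstdev(gaps) / mean


def detect(rows: List[Row], cv_threshold: float = 0.1,
           upload_threshold: int = 100_000_000, window: int = 600):
    """Return (src, host, finding, value) tuples for trusted-host traffic."""
    by_pair: Dict[Tuple[str, str], List[Tuple[int, str, int]]] = defaultdict(list)
    for ts, src, host, method, out in rows:
        if host in TRUSTED_HOSTS:
            by_pair[(src, host)].append((ts, method, out))
    findings = []
    for (src, host), events in by_pair.items():
        cv = beacon_score([e[0] for e in events])
        if cv is not None and cv < cv_threshold:
            findings.append((src, host, "periodic_beacon", round(cv, 3)))
        # Sliding window over uploads: large volume in a short time to a file service.
        uploads = sorted((t, o) for t, m, o in events if m in ("POST", "PUT"))
        for t0, _ in uploads:
            total = sum(o for t, o in uploads if t0 <= t < t0 + window)
            if total >= upload_threshold:
                findings.append((src, host, "bulk_upload", total))
                break
    return findings


if __name__ == "__main__":
    for finding in detect(parse(SAMPLE_LOG)):
        print(finding)
```

In the constructed sample, 10.0.0.7 checks the calendar endpoint every 300 seconds with no jitter and is flagged; 10.0.0.9 has too few, irregular requests and is not; 10.0.0.12 pushes about 151 MB to the Dropbox content API inside ten minutes and is flagged as a bulk upload. Real rules would be tuned per destination, since legitimate sync clients also have cadence.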

Phishing-as-a-Service Exploits Email’s Relay Blind Spot

Email security has a structural flaw that phishing-as-a-service operators have learned to exploit systematically. When a legitimate organization’s email passes through a third-party relay or shared sending service, the receiving mail server often does not re-verify the sender’s identity at the relay stage. Phishing-as-a-service bots exploit this gap by routing malicious email through relay infrastructure, allowing them to deliver messages that appear to originate from trusted, high-reputation brands directly to user inboxes, bypassing standard authentication checks.

The result is internal brand spoofing: an email that passes SPF, DKIM, and DMARC checks because it technically transited legitimate infrastructure, but carries a malicious payload or link. Recipients see a sender name they recognize, a domain they trust, and no warning flags from their email client. Click-through rates on these messages far exceed those of standard phishing campaigns.
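The reason relayed mail can pass is DMARC alignment: a message passes when either SPF or DKIM passes for a domain aligned with the visible From domain, so a relay that holds a DKIM signing key for the brand, or sits in the brand's SPF record, produces mail that authenticates cleanly. The following is an added example, not code from the Cloudflare report: a small DMARC alignment evaluator together with an SPF include enumerator, the latter being the simplest way to list which third-party relays are currently authorized to send as a domain. All domains and the SPF record are constructed.

```python
# Added example (not from the Cloudflare report): DMARC alignment evaluation
# and SPF include enumeration for reviewing a domain's relay trust chain.
# Domains and the SPF record below are constructed.
from typing import List, Optional, Tuple


def org_domain(domain: str) -> str:
    """Organizational domain, simplified to the last two labels.
    Assumption: a real implementation consults the Public Suffix List."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """Strict alignment requires an exact match; relaxed matches organizational domains."""
    if mode == "strict":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_result(from_domain: str, spf_pass_domain: Optional[str],
                 dkim_pass_domains: List[str], adkim: str = "r",
                 aspf: str = "r") -> Tuple[bool, str]:
    """DMARC passes when SPF or DKIM passed AND that identifier aligns with RFC 5322.From."""
    def mode(tag: str) -> str:
        return "strict" if tag == "s" else "relaxed"
    if spf_pass_domain and aligned(from_domain, spf_pass_domain, mode(aspf)):
        return True, f"spf aligned via {spf_pass_domain}"
    for d in dkim_pass_domains:
        if aligned(from_domain, d, mode(adkim)):
            return True, f"dkim aligned via d={d}"
    return False, "no aligned authenticated identifier"


def spf_includes(spf_record: str) -> List[str]:
    """Every include:/redirect= target is a third party allowed to send as this domain."""
    out = []
    for term in spf_record.split():
        t = term.lstrip("+-~?")          # drop the qualifier, keep the mechanism
        if t.startswith("include:"):
            out.append(t[len("include:"):])
        elif t.startswith("redirect="):
            out.append(t[len("redirect="):])
    return out


if __name__ == "__main__":
    # Constructed case 1: relay signs with the brand's own DKIM key -> passes.
    print(dmarc_result("brand.example", "mailrelay.sharedsender.example", ["brand.example"]))
    # Constructed case 2: only the relay's own identifiers authenticate -> fails.
    print(dmarc_result("brand.example", "sharedsender.example", ["sharedsender.example"]))
    # Constructed SPF record: two third parties may send as brand.example.
    print(spf_includes("v=spf1 ip4:192.0.2.0/24 include:_spf.sharedsender.example "
                       "include:spf.crm-vendor.example -all"))
```

The review the page calls for falls out of the second function: every include target and every DKIM selector delegated to a relay is a party whose own tenant isolation and abuse controls now sit inside the brand's authentication boundary, which is why a DMARC pass alone is not a reason to skip content and link inspection.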

Cross-Report Threat Intelligence Comparison

| Finding | Source Report | Key Statistic |
| --- | --- | --- |
| AI-enabled adversary attacks | CrowdStrike 2026 Global Threat Report | +89% year-over-year |
| Average eCrime breakout time | CrowdStrike 2026 Global Threat Report | 29 minutes (fastest: 27 seconds) |
| Malware-free detections | CrowdStrike 2026 Global Threat Report | 82% of all detections |
| Zero-days exploited before disclosure | CrowdStrike 2026 Global Threat Report | +42% year-over-year |
| Vulnerabilities exploitable without auth | IBM X-Force 2026 | 56% of 40,000 tracked CVEs |
| ChatGPT credentials on dark web (2025) | IBM X-Force 2026 | 300,000+ accounts |
| North America share of IR cases | IBM X-Force 2026 | 29% (up from 24% in 2024) |
| GenAI data leak concern | WEF Global Cybersecurity Outlook 2026 | 34% cite as leading threat |
| DDoS attacks blocked per day | Cloudflare 2026 Threat Report | 230 billion threats |
| SaaS cascade compromise scope | Cloudflare 2026 Threat Report | Hundreds of tenants per breach |

What the Threat Landscape Means for Security Teams

The Cloudflare 2026 report arrives at a moment when security teams are being asked to do more with budgets that grew more slowly than the threat surface. The eight trends it identifies are not independent problems with independent solutions. They are interconnected. AI-enabled attackers compress breakout time, forcing autonomous defense. Botnets reach scales requiring pre-provisioned mitigation capacity. Token theft defeats authentication investments organizations spent years building. SaaS integration risk multiplies from every new tool added to the stack.

Several concrete priorities emerge from reading the Cloudflare, CrowdStrike, and IBM findings together. First, organizations need to audit SaaS integration permissions immediately, identifying any OAuth grants or API keys with access beyond what the integration actively requires. Second, session management needs to move beyond issuance, adding continuous validation of device posture and behavioral patterns throughout an authenticated session. Third, DDoS protection cannot depend on human response timelines; autonomous mitigation with pre-provisioned capacity is the only architecture that survives hyper-volumetric attacks. Fourth, email security configurations need explicit review of relay trust chains, not just perimeter DMARC enforcement.

“The attack surface is not just larger, it is fundamentally different in character,” said John Graham-Cumming, CTO of Cloudflare. “Organizations that built their defenses for the 2022 threat model are facing the 2026 threat model with the wrong tools. The industrialization of cyber threats means the defender’s operating tempo has to match the attacker’s automation.”

Historical Context: How Far the Threat Has Escalated

DDoS Scale: From Megabits to Terabits in a Decade

In 2013, a 300 Gbps DDoS attack against Spamhaus was widely reported as the largest in history and described as threatening to “slow the internet.” That record lasted several years. By October 2024, the record had climbed to 3.8 Tbps. Within 14 months, that figure increased by 726 percent to 31.4 Tbps. The acceleration is not linear; it is exponential, driven by the proliferation of IoT devices, the availability of botnet-as-a-service infrastructure, and the economic incentives of ransomware and hacktivist campaigns targeting critical infrastructure.

The Attacker Economy Reaches Industrial Scale

What the Cloudflare report calls “industrialization” is the endpoint of a decade-long commoditization of offensive tools. Exploit kits, phishing-as-a-service platforms, infostealers-for-hire, and DDoS-for-hire services all existed before 2025. What changed in the 2025-2026 period was the integration of generative AI as a force multiplier across all of them. A low-skill actor using AI-assisted exploit development can now conduct operations that previously required a team of experienced researchers. The technical barrier to entry for high-impact attacks has effectively collapsed.

Five Predictions for the Second Half of 2026

  1. DDoS records will be broken again before year-end. Given the 700 percent growth trajectory in hyper-volumetric attack size during 2025, and the continued expansion of the Aisuru botnet and similar infrastructure, a new peak above 31.4 Tbps is statistically likely before the end of 2026. Cloudflare’s autonomous systems will absorb it, but organizations relying on legacy on-premise mitigation hardware will face gaps.
  2. AI credential theft will reach healthcare and critical infrastructure. The 300,000-plus ChatGPT credentials found on dark web markets in 2025 are early signal. As AI systems are integrated into hospital networks, power grid management, and financial transaction platforms, compromised AI agent credentials will become priority targets with proportionally higher stakes.
  3. At least one major SaaS provider will suffer a cascade breach affecting 500-plus enterprise tenants. The over-privileged API integration architecture is widespread and the attack pattern is now documented in a public threat report. Expect at least one high-profile incident that demonstrates the multi-tenant blast radius at scale.
  4. CISA will issue binding operational directives targeting IoT security in critical sectors. The Aisuru botnet’s composition, millions of unpatched consumer and industrial IoT devices, creates regulatory pressure for minimum security standards. U.S. federal network operators will likely face new requirements for IoT inventory and patching within their own environments by the end of 2026.
  5. North Korean IT worker arrests will increase significantly. The FBI and partner agencies have been building cases against the laptop farm infrastructure since at least 2023. Public disclosures and prosecutions will accelerate as Western governments respond to the scale of the program documented in threat intelligence reports from Cloudflare and CrowdStrike.

Frequently Asked Questions

What is the Cloudflare 2026 Threat Report?

The Cloudflare 2026 Threat Report, published March 3, 2026, is Cloudflare’s inaugural annual threat intelligence report. It analyzes trillions of network signals from Cloudflare’s infrastructure, which handles approximately 20 percent of global internet traffic, to identify major cybersecurity trends, attack patterns, and threat actor behaviors shaping the 2026 landscape.

What was the largest DDoS attack in history as of 2026?

The largest publicly disclosed DDoS attack peaked at 31.4 terabits per second, recorded in December 2025 and blocked by Cloudflare. The attack lasted 35 seconds and also generated 14.1 billion packets per second. It was executed by the Aisuru-Kimwolf botnet, which operates an estimated 1 to 4 million infected devices globally.

How does token theft bypass MFA?

Infostealers like LummaC2 capture authenticated session tokens from a victim’s browser or memory after they have already logged in and passed MFA. The attacker then replays that token to the target service, presenting what the server sees as a valid, already-authenticated session. Because authentication already occurred, no MFA challenge is issued. The attacker enters as an authenticated user without ever knowing the victim’s password or one-time code.

What are Salt Typhoon and Linen Typhoon?

Salt Typhoon and Linen Typhoon are Chinese state-sponsored cyber threat actors that Cloudflare’s 2026 report identifies as actively targeting North American telecommunications, government entities, and IT service providers. Both groups have shifted strategy from broad espionage toward persistent pre-positioning, installing dormant access capabilities inside critical U.S. infrastructure for potential future use in geopolitical conflicts.

How many DDoS attacks did Cloudflare block in 2025?

Cloudflare mitigated 47.1 million DDoS attacks in 2025, a 121 percent increase year-over-year. That works out to approximately 5,376 attacks per hour, or about 1.5 attacks every second around the clock. Network-layer attacks tripled compared with 2024, reaching 34.4 million incidents.

What should organizations do about over-privileged SaaS integrations?

Organizations should audit all active OAuth grants and API keys, identifying any integration with permissions exceeding what the integration actively uses. Revoke permissions that are broader than necessary, implement periodic access reviews for all SaaS-to-SaaS connections, and treat third-party integrations as a potential breach vector requiring the same access governance as human users. Cloudforce One’s findings suggest that a single compromised high-connectivity SaaS platform can cascade into hundreds of downstream tenant breaches.
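The audit described here, and in the SaaS integration section and the first priority listed under what the threat landscape means for security teams, compares what each integration was granted with what it actually used. The following is an added example, not code from the Cloudforce One findings or any SaaS vendor's API: it takes a constructed grant inventory and a constructed 30-day usage log, flags unused and high-impact scopes, calls out dormant integrations, and proposes a least-privilege replacement grant per app. App names, scope names, and the impact list are assumptions for the demo.

```python
# Added example (not from the Cloudforce One findings): compare granted OAuth
# scopes against exercised scopes and propose least-privilege replacements.
# Apps, scopes and the usage log are constructed for this demo.
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# Constructed inventory of OAuth grants held by third-party integrations.
GRANTS: List[Dict] = [
    {"app": "crm-sync", "scopes": {"contacts.read", "contacts.write",
                                   "files.read", "files.write", "admin.directory"}},
    {"app": "ci-bot", "scopes": {"repo.read", "repo.write"}},
    {"app": "calendar-helper", "scopes": {"calendar.read"}},
]

# Constructed 30-day API audit log as (app, scope the call exercised).
USAGE: List[Tuple[str, str]] = [
    ("crm-sync", "contacts.read"), ("crm-sync", "contacts.read"),
    ("crm-sync", "files.read"),
    ("ci-bot", "repo.read"), ("ci-bot", "repo.write"),
]

# Assumed: scopes whose misuse lets a compromised key change or expose data broadly.
HIGH_IMPACT: Set[str] = {"admin.directory", "files.write", "contacts.write", "repo.write"}


def used_scopes(usage: List[Tuple[str, str]]) -> Dict[str, Set[str]]:
    used: Dict[str, Set[str]] = defaultdict(set)
    for app, scope in usage:
        used[app].add(scope)
    return used


def audit(grants: List[Dict], usage: List[Tuple[str, str]]) -> List[Dict]:
    """One finding per grant: unused scopes, high-impact unused scopes, severity, action."""
    used = used_scopes(usage)
    findings = []
    for g in grants:
        exercised = used.get(g["app"], set())
        unused = g["scopes"] - exercised
        risky = unused & HIGH_IMPACT
        if not exercised:
            severity, action = "high", "dormant integration: revoke the grant entirely"
        elif risky:
            severity, action = "high", f"revoke unused high-impact scopes {sorted(risky)}"
        elif unused:
            severity, action = "medium", f"revoke unused scopes {sorted(unused)}"
        else:
            severity, action = "ok", "grant matches observed use"
        findings.append({"app": g["app"], "unused": unused, "risky": risky,
                         "severity": severity, "action": action})
    return findings


def least_privilege_grants(grants: List[Dict],
                           usage: List[Tuple[str, str]]) -> Dict[str, Set[str]]:
    """Replacement grant per app: only the scopes the audit log shows in use."""
    used = used_scopes(usage)
    return {g["app"]: g["scopes"] & used.get(g["app"], set()) for g in grants}


if __name__ == "__main__":
    for f in audit(GRANTS, USAGE):
        print(f"{f['app']:16} {f['severity']:6} {f['action']}")
```

Run periodically, the same comparison doubles as the access review the answer recommends: a grant whose exercised set shrinks to nothing is a candidate for removal, and any grant that gains a high-impact scope without a matching change request is worth a ticket.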

How does AI help attackers and defenders differently?

For attackers, AI accelerates every phase: real-time network mapping replaces slow manual reconnaissance, AI-generated exploits require less researcher skill, and deepfake content improves social engineering success rates. CrowdStrike data shows the average attacker now achieves lateral movement within 29 minutes of initial access, driven partly by AI-assisted tooling. For defenders, AI enables autonomous threat detection and response at machine speed, which is the only viable answer to attacks that unfold faster than human response cycles. Organizations without AI-powered defenses face a structural speed disadvantage.


External sources: Cloudflare 2026 Threat Report (full blog post) | Cloudflare press release, March 3, 2026 | Cloudflare Q3 2025 DDoS Report | DDoS statistics 2026 (StationX) | DDoS attack statistics aggregation (Swif.ai)