Reggio Emilia, February 26, 2026 – Cyberoo S.p.A., an innovative SME listed on the Euronext Growth Milan Market, specialized in cybersecurity for businesses, publishes the second edition of the annual report of the Cyberoo Observatory, this year dedicated to the theme “Inside the dark matter of cyberspace.” The document analyzes the main trends and attack patterns that emerged in 2025 and translates the evidence gathered into operational defense strategies for 2026, thanks to data provided by the I-SOC team, an advanced center with over 100 specialists operating in Italy and abroad, which combines 24/7 monitoring and response and Cyber Threat Intelligence, and by the Incident Response Team. The team, composed of ethical hackers and analysts, defends companies from cyber threats by integrating internal sources, such as data from the Cyber Security Suite, and external sources, such as the Surface, Deep, and Dark Web, with the aim of preventing and minimizing the damage of a cyber-attack.

Numbers

Among the most significant data emerging in 2025, Cyberoo reports:

• 320 new threat actors identified, including particularly aggressive ones: Qilin, Akira, Sarcoma, Everest
• Over 1,300 reports to the competent authorities for phishing, antispam, and antifraud by Cyberoo
• The detection of 38,654 suspicious domains
• The identification of over 2,700 unique CVEs associated with monitored suppliers, confirming the criticality of vulnerability management within the supply chain

Trends for 2025

2025 saw an increase in the direct exploitation of vulnerabilities, including zero-day vulnerabilities, and further expansion of the market for stolen credentials.

DDoS attacks, cyberattacks that render servers and websites inaccessible by flooding them with fake traffic from thousands of infected devices, made a comeback as a distraction tool, used to saturate defense systems and facilitate parallel reconnaissance and infiltration activities.

Phishing has evolved significantly, becoming increasingly credible and contextualized thanks to the use of generative AI, with cases of impersonation supported by voice and video deepfakes.

In general, AI-powered attacks represent a growing threat. Looking ahead to 2026 and beyond, the Observatory highlights the increase in AI-enabled threats, which make phishing, impersonation, and the spread of fake news more effective and scalable. The risk associated with credential theft and pressure on cloud and SaaS, which requires continuous monitoring, also remain central issues.

At the same time, supply chain incidents have shown a “chain” dynamic, in which a vulnerability in a supplier or shared component has often resulted in a blow to multiple organizations, extending to the supply chain with forms of pressure such as triple extortion, an advanced cybercriminal tactic and evolution of ransomware, whereby attackers do not just encrypt data, but apply three simultaneous levels of pressure to force victims to pay a ransom for their data.

Distribution of cyber-attacks: affected markets and critical periods

In the sample analyzed for the purposes of drafting the report, the manufacturing sector is the most exposed to cyber-attacks, accounting for 29% of the total examined, also considering the “volume” effect of the sector in the Italian and European markets.

In terms of timing, December is the month most affected by compromises in 2025, coinciding with the Christmas holiday period, when reduced security measures and staffing levels can increase companies’ operational vulnerability.

The challenges of 2026

In light of the data highlighted, the biggest challenge concerns what remains invisible: there is a gap between the perception of security and the real risk to information systems. Cyberoo defines this unobserved area as “cyber dark matter”: it is the combination of unmapped assets and surfaces, incomplete controls, obsolete systems, poor awareness, inadequately managed tokens and APIs, and non-human identities outside the monitoring perimeter.

That is why, among the priority actions recommended for 2026, the first is to strengthen internal governance and accountability, combine training, culture, and awareness with the orchestration of technologies, processes, and human skills, adopt identity-first controls, apply risk-based patch management, and ensure continuous supervision of cloud and SaaS with backups and incident response playbooks. The goal must be to move from reactive security to proactive and strategic defense, especially in larger companies that manage longer supply chains. In addition, it is essential to increase transparency and control over AI: managing artificial intelligence is critical to avoid falling into digital traps.

“2025 has reminded us that the attack surface is no longer just technical: identity, AI, and suppliers determine the real risk. Investing in governance, continuous monitoring, and operational resilience is the choice that protects value, business, and the people who make up the company. Protecting activities and services requires an approach that combines advanced technologies, governance, and, above all, continuous training. The Cyberoo Observatory 2026 was created with the aim of increasing awareness and helping to make risk measurable and manageable, increasing visibility and prioritization capabilities, and transforming the evidence gathered into repeatable decisions and actionable strategies to reduce the operational impact of incidents” – said Veronica Leonardi, CMO & Board Member of Cyberoo.

SOURCE: The Observatory is based on the continuous monitoring and analysis of billions of security events detected in 2025 (over 61,000 events per second) through Cyberoo’s proprietary systems and the operation of its MDR (Managed Detection & Response), which includes Cyber Threat Intelligence activities. The scope of observation includes over 700 midsize European customers from different sectors. Cyberoo publishes the Observatory’s findings with the aim of promoting greater awareness of cyber dynamics and risks, helping companies to strengthen their cyber resilience through timely and measurable choices, in line with the evolution of the regulatory framework and the latest European guidelines on the subject.

The complete document in Italian is available at the following link Download the Report – CYBEROO Observatory 2026.

***

Cyberoo S.p.A., a company listed on the Euronext Growth Milan stock exchange of Borsa Italiana, is an innovative Reggio Emilia-based SME specialized in cybersecurity for businesses, intended not only to protect IT systems from external attacks but also to implement a real strategy capable of protecting, monitoring and managing IT ecosystem information. Cyberoo addresses the medium-sized enterprise market with a broad and deep portfolio of enterprise solutions developed using the most advanced technologies and with a value chain that allows it to set prices that are in line with our customers’ spending power.

FOR INFORMATION:

CMO & INVESTOR RELATIONS MANAGER CYBEROO

Veronica Leonardi | investor@cyberoo.com  +39 0522 388111

INVESTOR RELATIONS ADVISOR

CDR Communication S.r.l.

Vincenza Colucci | vincenza.colucci@cdr-communication.it

Marika Martinciglio | marika.martinciglio@cdr-communication.it

MEDIA RELATIONS ADVISOR

CDR Communication S.r.l.

Maddalena Prestipino | maddalena.prestipino@cdr-communication.it

EURONEXT GROWTH ADVISOR

EnVent Italia SIM S.p.A.

ega@envent.it +39 02 22175979

L'articolo Cyberoo publishes its 2026 Observatory report proviene da Cyberoo.

This strategic recognition strengthens Cyberoo visibility on the European and international market, certifying the European origin, quality, and regulatory compliance of its cybersecurity services and solutions, as well as its adherence to rigorous standards of reliability and transparency.

A step forward towards European digital sovereignty

The label, promoted by ECSO — a non-profit organization and key partner of the European Commission — is part of an initiative aimed at consolidating the European cybersecurity ecosystem and promoting a resilient, autonomous, and secure digital Europe.

Cyberoo fully embraces this vision, contributing 100% European solutions to the development of a sovereign and competitive cyber market, in line with ENISA and GDPR policies.

Cyberoo: the only Italian MDR with the ECSO label

With this achievement, Cyberoo stands out as the only Italian MDR (Managed Detection & Response) company to be awarded the label, confirming its position as a national and international benchmark in the field of cyber threat detection & response.

This recognition strengthens Italy’s presence in the main international rankings in the sector. Cyberoo is in fact the only Italian company and one of the few European companies mentioned in the Gartner Market Guide for MDR Services, where it has been included among the Global Representative Vendors.

“We are an MDR that brings to the market exactly what the European market needs: technology and services entirely developed and managed in Europe, designed to protect the European business companies in a competitive environment dominated by foreign technologies” says Veronica Leonardi, CMO & Executive Board Member of Cyberoo. “We have European roots, strong investments in R&D on artificial intelligence, and full regulatory compliance.”

European cybersecurity, for Europe

The Cybersecurity Made in Europe label was created to promote solutions developed and produced entirely in Europe, promoting digital sovereignty and offering guarantees of reliability, security, and compliance with the GDPR and European regulations. Cyberoo, with headquarters in Italy and a strong focus on the European market, fits perfectly into this strategic vision.

A trusted choice for European companies

In an increasingly complex geopolitical and technological environment, companies are looking for reliable, transparent, and compliant technology partners. The ECSO label is a seal of trust, certifying that Cyberoo:

• designs and develops solutions entirely in Europe
• complies with high standards of quality, security, and data protection
• strengthens the European cyber ecosystem by promoting an ethical and responsible approach to data protection
• is in line with European directives on digital sovereignty

A result that confirms Cyberoo’s growing leadership and commitment

The ECSO recognition represents a further step in Cyberoo international growth strategy, based on proprietary technologies, advanced skills, and a cutting-edge MDR service, among the most advanced in Europe. It also confirms the company’s role as a strategic player in defending the European production system, with solutions designed for European companies by a European company.

What is the ECSO label?

Created by the European Cyber Security Organisation, the Cybersecurity Made in Europe label:

• recognizes solutions developed and produced entirely in Europe, compliant with ENISA (European Union Agency for Cybersecurity) standards and European GDPR policies;
• promotes trust between suppliers, customers, and public stakeholders;
• supports the growth of a competitive, autonomous, and secure cyber market;
• promotes transparency, cooperation, and quality in the digital landscape.

Cyberoo thus consolidates its role as an Italian center of excellence in the heart of digital Europe, capable of combining innovation, technological independence, and strategic vision in the service of European business security.

***

Cyberoo S.p.A., a company listed on the Euronext Growth Milan stock exchange of Borsa Italiana, is an innovative Reggio Emilia-based SME specialized in cyber security for businesses, intended not only to protect IT systems from external attacks but also to implement a real strategy capable of protecting, monitoring and managing IT ecosystem information. Cyberoo addresses the medium-sized enterprise market with a broad and deep portfolio of enterprise solutions developed using the most advanced technologies and with a value chain that allows it to set prices that are in line with our customers’ spending power.

L'articolo Cyberoo obtains the “Cybersecurity Made in Europe” label proviene da Cyberoo.

Reggio Emilia, February 5th, 2025 – Cyberoo S.p.A., innovative SME listed on the EGM market of Borsa Italiana, specializing in cyber security for enterprises, announces that it has signed a contract in Poland with a large-scale retail player with over 10 thousand employees.This is the most important commercial operation since the company began expanding into the Polish market, which today counts 9 local partners, and which saw an acceleration at the end of 2024.

The contract was concluded through Arrow Electronics, one of the world’s leading distributors of technology solutions, with which the company has signed an exclusive agreement, as announced in a press release on September 12^th,2024.

“This new contract in Poland – states Veronica Leonardi, Executive Board Member & CMO of Cyberoo – confirms that we are continuing in the direction of solid organic growth and are able to intercept the trust of important customers also on international markets, thanks to the high level of innovation and the effectiveness of our solutions”.

***

Cyberoo S.p.A.

Cyberoo S.p.A., company listed on the Euronext Growth Milan Market of the Italian Stock Exchange, is an innovative Emilian SME specialized in cyber security for businesses, intended not only as the protection of IT systems from external attacks but as the implementation of a real strategy capable of protecting, monitoring and managing the information of the IT ecosystem. Cyberoo addresses the midsize business market with a broad and deep portfolio of enterprise solutions, developed through the use of the most advanced technologies and with a value chain that allows it to offer this market prices in line with spending capacity. 

FOR INFORMATION:

CYBEROO

Chief Marketing Officer & Investor Relator

Veronica Leonardi | investor@cyberoo.com  +39 0522 388111

CYBEROO PRESS OFFICE ReputationValue, communication & public affairs

Federico Ziller | ziller@reputationvalue.it +39 335 7555508

Fabio Pandolfini | pandolfini@reputationvalue.it +39 339 7214602

EURONEXT GROWTH ADVISOR CYBEROO

EnVent Italia SIM S.p.A.

ega@envent.it +39 02 22175979

L'articolo CYBEROO: signs a new contract in Poland, a big player in the large distribution proviene da Cyberoo.

Reggio Emilia, December 3rd, 2024 – Cyberoo S.p.A., innovative SME listed on the EGM market of Borsa Italiana, specializing in cyber security for enterprises, has signed the first contracts with new strategic partners in Spain. The partnerships include the resale of Cyberoo Managed Detection & Response (MDR) services and offer extensive coverage in three key strategic areas of Spain: Madrid, Barcelona and Bilbao.

These agreements result from the collaboration started in September with Zaltor, one of the main IT distributors in the Iberian Peninsula. Firstly, with Omega Peripherals, an important reseller based in Barcelona specialized in security solutions for the corporate and government market. Secondly, with COS Mantenimiento and Global Digital Consulting, two companies of the COS Global Services group, a Madrid-based retailer focused on advanced cybersecurity solutions for SMEs and large enterprises.

Both partners are provided with Security Operations Centers (SOCs) based in the country. Therefore, Cyberoo will be able to offer Spanish-language Tier 1 support and benefit from the associated competitive advantage.

“These first agreements mark an important step forward in Cyberoo expansion strategy, aimed at expanding its network of partners in the Iberian market – declares Veronica Leonardi, CMO and Investor Relator of Cyberoo –. Our commitment is maximum to quickly build a structured and widespread presence”.

Cyberoo services were chosen by Spanish companies for the distinctive and highly qualified approach to cybersecurity of the Italian SME. The MDR service was particularly appreciated as an added value compared to competitors, it guarantees greater specialization and quality. The agnostic approach to technology is also much embraced, offering maximum flexibility and integration with different security platforms.

***

Cyberoo S.p.A.

Cyberoo S.p.A., a company listed on the Euronext Growth Milan stock exchange of Borsa Italiana, is an innovative Reggio Emilia-based SME specialized in cyber security for businesses, intended not only to protect IT systems from external attacks but also to implement a real strategy capable of protecting, monitoring and managing IT ecosystem information. Cyberoo S.p.A. serves the mid-sized business market with a broad and deep portfolio of enterprise solutions developed using the most advanced technologies and with a value chain that allows the organization to set prices that are in line with customers’ spending power.

FOR INFORMATION CYBEROO:

CYBEROO

Chief Marketing Officer & Investor Relator

Veronica Leonardi | investor@cyberoo.com  +39 0522 388111

CYBEROO PRESS OFFICE ReputationValue, communication & public affairs

Federico Ziller | ziller@reputationvalue.it +39 335 7555508

Fabio Pandolfini | pandolfini@reputationvalue.it +39 339 7214602

EURONEXT GROWTH ADVISOR CYBEROO

EnVent Italia SIM S.p.A.

ega@envent.it +39 02 22175979

L'articolo CYBEROO: signs the first partnerships in Spain proviene da Cyberoo.