---
title: "Cybersecurity Update Week 22/2025 | Aegister"
description: Weekly cybersecurity update for Week 22 of 2025. Key vulnerabilities, threat alerts, and security news relevant to Italian and European organizations.
canonical: https://www.aegister.com/en/cms/insights/cybersecurity-update-week-22-of-2025/
url: /en/cms/insights/cybersecurity-update-week-22-of-2025/
lang: en
---

![](/static/images/header-contact.webp)

# Cybersecurity Update – Week 22 of 2025

---

![Cybersecurity Update – Week 22 of 2025](/static/images/cms/weekly-cyberupdate-22-2025.webp)

## Cybersecurity Update – Week 22 of 2025

May 29, 2025

[NIS2](/en/cms/keyword/nis2/)
[ACN](/en/cms/keyword/acn/)
[compliance](/en/cms/keyword/compliance/)
[incident response](/en/cms/keyword/incident-response/)
+11

Over the past week, Italy and the European **cybersecurity** landscape have seen significant developments. From the increase in DDoS and ransomware attacks to regulatory and strategic news, the sector continues to evolve rapidly. Below is an updated summary of emerging trends, main risks, and ongoing initiatives.

## Rising cyber attacks: focus on ransomware and DDoS

In the first quarter of 2025, Italy recorded a peak in **serious attacks**: +54% compared to the previous year. Particularly significant were **DDoS** attacks, which affected both public and private sectors (+200% compared to 2024), and **ransomware** attacks, up 64%. Among the most critical cases was the attack on the **City of Pisa** by the NOVA group, with exfiltration of 2 TB of data. For comprehensive ransomware defense strategies, check our [complete guide](/en/cms/insights/ransomware-attacks-italy-2024).

## Emerging threats: Generative AI, APT, and new attack surfaces

According to ACN, **40% of successful attacks** involved **generative AI** techniques to improve the effectiveness of phishing, deepfake, and social engineering. Ransomware-as-a-service fragmentation is growing, while attacks by state-sponsored **APT groups** are multiplying, particularly targeting digital infrastructure, energy, and telecommunications. Discover how [Aegister can help](/en/cms/insights/role-of-virtual-ciso) protect your organization from these advanced threats.

## Evolving regulations: NIS2 and DORA in focus

Italy continues implementing the [NIS 2 Directive](/en/cms/insights/nis2-obligations-italian-organizations-2025), with ACN sending PEC emails to obligated entities and publishing [minimum technical specifications](/en/cms/insights/nis2-basic-measures-acn) for cybersecurity and incident notification. For a detailed guide on NIS2 compliance, check our [dedicated insight](/en/cms/insights/aegister-nis-2-guide).

## GRC and corporate responsibility: attention to boards

According to the [WTW Directors & Officers 2025 survey](https://www.wtwco.com/en-cm/insights/2025/03/global-directors-and-officers-survey-report-2024-2025), **70% of Italian executives** consider cyber risk as the main threat. Attention to governance and training is strengthening, with increasing integration of cybersecurity into **231 models**, **ESG plans**, and **Enterprise Risk Management** frameworks. Learn how our [Virtual CISO service](/en/cms/insights/role-of-virtual-ciso) can support your organization.

## Strategic initiatives and European cooperation

In Italy, ACN and DTD promote cyber training for SMEs and public administration. At the European level, implementation of the [Cyber Solidarity Act](https://digital-strategy.ec.europa.eu/it/policies/cyber-solidarity) advances with the development of pan-European SOCs and rapid response task forces. In parallel, NATO exercises such as *Locked Shields 2025* also involve Italy, demonstrating the value of international cooperation. For more on collective defense strategies, read the [april report](/en/cms/insights/cyber-threats-italy-april-2025-summary).

## Support for compliance and resilience

[Aegister supports organizations](/en/cms/insights/role-of-virtual-ciso) in adapting to this evolving scenario through Virtual CISO services, NIS2 compliance solutions, and advanced threat intelligence. To discover how we can help strengthen your cybersecurity, visit our [solutions page](/en/solutions/).

## FAQ

### What is the focus of this article?

The article provides an official overview of the topic and the operational context discussed in the body.

### Where can readers find official references?

Official references are listed in the dedicated source section at the end of this article.

### How can organizations request follow-up details?

Organizations can contact Aegister through official channels to continue the assessment or implementation path.

## Official sources

- [Official reference 1](https://www.enisa.europa.eu/)
- [Official reference 2](https://www.nist.gov/cyberframework)
- [Official reference 3](https://www.agid.gov.it/)
- [Official reference 3](https://www.wtwco.com/en-cm/insights/2025/03/global-directors-and-officers-survey-report-2024-2025)
- [Official reference 3](https://digital-strategy.ec.europa.eu/it/policies/cyber-solidarity)

Share this post

## Related News

[![Cybersecurity Monthly Report – January 2025 (Italy, EU, Global)](/static/images/cms/cyber-monthly-report-jan-2025.webp)](/en/cms/insights/cybersecurity-monthly-report-january-2025/)

[Cybersecurity Monthly Report – January 2025 (Italy, EU, Global)](/en/cms/insights/cybersecurity-monthly-report-january-2025/)

[Aegister's January 2025 monthly cybersecurity report: DORA goes live, NIS2 registration milestones, key vulnerabilities (VPN/edge), ransomware policy signals, and operational actions for boards and security teams.](/en/cms/insights/cybersecurity-monthly-report-january-2025/)

[NIS2](/en/cms/keyword/nis2/)
[ACN](/en/cms/keyword/acn/)
+14

[![Cybersecurity Monthly Report – January 2026 (Italy, EU, Global)](/static/images/cms/cyber-monthly-report-jan-2026.webp)](/en/cms/insights/cybersecurity-monthly-report-january-2026/)

[Cybersecurity Monthly Report – January 2026 (Italy, EU, Global)](/en/cms/insights/cybersecurity-monthly-report-january-2026/)

[Aegister’s January 2026 monthly cybersecurity report: EU cybersecurity package with Cybersecurity Act revision and NIS2 simplification amendments, DORA supervisory maturity, edge/perimeter threats, and governance priorities for boards and security teams.](/en/cms/insights/cybersecurity-monthly-report-january-2026/)

[NIS2](/en/cms/keyword/nis2/)
[EU](/en/cms/keyword/eu/)
+15

[![NIS2 Documentary Evidence and Audit Readiness: How to Structure Compliance Proof](/static/images/cms/nis2-requisiti-di-base.webp)](/en/cms/insights/nis2-documentary-evidence-audit-readiness/)

[NIS2 Documentary Evidence and Audit Readiness: How to Structure Compliance Proof](/en/cms/insights/nis2-documentary-evidence-audit-readiness/)

[ACN baseline guidance requires documentary evidence as a core compliance element. Practical guide to evidence families, obligation-to-evidence mapping, version governance, and audit-readiness operating model.](/en/cms/insights/nis2-documentary-evidence-audit-readiness/)

[NIS2](/en/cms/keyword/nis2/)
[ACN](/en/cms/keyword/acn/)
+10

### NIS 2 Compliance with Aegister

Complete solutions for NIS 2 Directive compliance: expert consulting, implementation and ongoing support.

[Discover](/en/solutions/compliance/nis2/)