Cloudflare unveiled its Q2 2025 Global Internet Trends and Insights, revealing key shifts in web traffic patterns, cyberthreat volumes and security trends across global and regional landscapes.

Bashar Bashaireh, AVP Middle East, Türkiye & North Africa at Cloudflare

During Q2 2025, Cloudflare blocked an average of 190 billion cyberthreats every day worldwide, reflecting a 21% year-over-year (YoY) increase, even as threat volume dropped 23% quarter-over-quarter (QoQ) following a surge earlier this year. The company also handled an average of 5.8 trillion daily Internet requests globally, representing a 9% increase QoQ and a 40% jump YoY, highlighting the continued growth and scale of Internet usage.

Global Regional Breakdown – Q2 2025:

  • North America (NAMER):
  • 1.5 billion daily threats blocked
  •  Up 18% YoY, down 12% QoQ
  • Europe, Middle East and Africa (EMEA):
  • 62.7 billion daily threats blocked
  • Up 22% YoY, down 16% QoQ
  • Asia-Pacific (APAC):                
  • 57.4 billion daily threats blocked
  • Up 24% YoY, down 29% QoQ                  
  • Latin America (LATAM):
  •  19 billion daily threats blocked
  •  Up 15% YoY, down 36% QoQ

Kingdom of Saudi Arabia (KSA) – Regional Internet trends snapshot: KSA experienced no significant change in overall Internet traffic compared to Q1 2025. However, mitigated traffic (cyberthreats) decreased by 6% QoQ, signalling a relative easing of targeted attacks in the region. Daily request traffic:

  • 42.6 billion content requests served daily
  • 543 million (1%) of those were blocked as cyberattacks, a 6% decrease QoQ

Cyberthreats blocked daily:

  • 94 million cyberthreats blocked per day
  •  Seventy-six percent decrease QoQ, following an 890% spike in Q1 2025 due to sustained attacks on a Middle East project management training firm

Top targeted verticals in KSA:

  • Internet
  • Consumer Goods
  • Information Technology and Services
  • Airlines/Aviation

Primary defences against application layer attacks:

  • Web Application Firewall (WAF) rules: 92%
  • DDoS Mitigations: 8%
  • Most active WAF rules:
  • HTTP Anomaly (20%)
  • Cross-site Scripting – XSS (10%)
  • Directory Traversal (8%)

United Arab Emirates (UAE) – Regional Internet trends snapshot The UAE witnessed a 15% increase in Internet traffic in Q2 2025 vs. Q1. In parallel, mitigated traffic rose 17% QoQ, reflecting intensified threat activity.

Daily request traffic:

  • 17.4 billion content requests served daily
  • 787 million (5%) blocked as cyberthreats, primarily DDoS attacks originating in the UAE, a 17% increase QoQ

Cyberthreats blocked daily:

  • 1 billion cyberthreats blocked per day
  •  Sixty-three percent increase QoQ

Top targeted verticals in UAE:

  • Retail
  • Consumer Services
  • Banking, Financial Services and Insurance (BFSI)
  • Information Services

Primary defences against application layer attacks:

  • DDoS Mitigations: 50%
  • WAF Rules: 49%
  • Most active WAF rule categories:
  • HTTP Anomaly (16%)
  • SQL Injection – SQLi (9%)
  • Cross-site Scripting – XSS (6%)

“Cloudflare’s Q2 data reinforces the dual reality of the Internet today, while usage is accelerating at unprecedented rates, so are the sophistication and frequency of cyberthreats,” said Bashar Bashaireh, AVP Middle East, Türkiye and North Africa, Cloudflare. “Our mission remains focused on enabling a secure, fast and reliable Internet experience for every user, everywhere.”