 According to Cloudflare, the internet's second-largest content delivery network (CDN), global internet traffic grew nearly 20% in 2025. You and I watching more YouTube videos is not what's driving that growth. Much of this rise comes from bots, AI crawlers, and automated attacks rather than human users. At the same time, satellite connectivity, post-quantum encryption, and mobile-heavy use have reshaped how and where people access the internet. Cloudflare's 2025 Radar Year in Review shows global internet traffic rising by about 19% year over year, with growth accelerating sharply from late summer through November. Behind that overall growth, non-human activity expanded even faster. A significant share of global traffic passing through Cloudflare's network was classified as bot traffic, including search crawlers, AI agents, and outright malicious automation. In particular, AI bots are making life miserable for website owners as they strip-mine the net for large language model (LLM) data. Earlier this year, Cloudflare reported that 30% of global web traffic now comes from bots, with AI bots leading the way. These bots put tremendous pressure on websites, generating as many as 30 terabits of data requests in a single surge. That's high enough that the demands of AI bots amount to a Distributed Denial of Service (DDoS) attack. As a result, AI became a central driver of internet traffic in 2025. As Cloudflare CEO and co-founder Matthew Prince said in a statement, "The internet isn't just changing, it's being fundamentally rewired. From AI to more creative and sophisticated threat actors, every day is different." Googlebot again generated the highest request volume to Cloudflare, crawling millions of sites for both traditional search indexing and AI training. Googlebot is responsible for about 4.5% of all HTML requests across Cloudflare‑protected sites in 2025 and reaches 11.6% of unique pages in a focused AI‑crawler sample. Googlebot outpaces other AI-oriented crawlers -- such as OpenAI's GPTBot, the next most active AI crawler, and Microsoft's Bingbot -- by a wide margin. AI "user action" crawling bots, such as Perplexity's user agent, which fetch pages in response to chatbot prompts or agent workflows, grew more than 15-fold over the year. How we get to the internet keeps tilting in favor of smartphones. Today, 43% of us use smartphones to access the internet, with only 57% still using PCs. Digging deeper, while Apple iOS devices dominate in the US, iOS accounted for about 35% of global mobile traffic worldwide. Globally, Android remained the volume leader, accounting for 65%. The market share of other mobile operating systems is negligible. As for web browsers, it's no surprise that, according to Cloudflare's count, Google Chrome is the most popular browser, with 67.9% of the desktop market and 85.4% of the mobile market. On the desktop, Edge, Microsoft's Chrome-based browser, has 14.4%. FireFox? It's down to 6.7%. Inside the US, the federal government's Digital Analytics Program (DAP), with its running count of the last 90 days of US government website visits, also has Chrome on top with 64.6%. That's followed by Safari with 22.8%, thanks to America's love affair with iPhones, then Edge's 7.4%, and Firefox limping in at an ever-declining 1.7%. There are no surprises here. You could probably guess the top five websites: Google, Facebook, Apple, Microsoft, and Instagram. However, the more you look, the more interesting it gets. For example, in the AI arena, ChatGPT is at the top, followed by Claude/Anthropic in second place, and Perplexity in third. Copilot? It's in sixth place. Microsoft is putting Copilot into everything, and Windows Kitchen Sink doesn't seem to be working. The top five social networks, with Facebook at the top, have one surprise. LinkedIn is in fifth. Twitter/X? It's in the sixth spot. Video streaming remains dominated by YouTube. Netflix is in second place, followed by Twitch, Roku (Yes, Roku), and then Disney+ in fifth. Satellite internet moved from early-adopter novelty toward mainstream infrastructure. Cloudflare's data shows that Starlink traffic more than doubled globally in 2025, with overall request volume increasing by about 2.3 times over the year. That growth coincided with the launch of services in more than 20 new countries and regions, and continued uptake in markets where Starlink was already available. This expansion is bringing broadband to rural areas, where Starlink has become the default choice for users wanting fast internet. Cloudflare's network saw the impact as new clusters of traffic appeared in previously low-activity regions, while some markets experienced brief turbulence as terrestrial ISPs adjusted peering and routing to accommodate the new mix. For more trun to OUR FORUM.  The social media platform will have to pay $140 million for breaching the Digital Services Act. The US has accused Brussels of an “attack” on Americans after the EU fined Elon Musk’s social media platform X €120 million ($140 million) for violating the bloc’s content-moderation rules.  I reported on a data leak earlier this year that included a whopping 184,162,718 passwords and logins affecting the likes of Apple, Facebook and Instagram users. That data leak was disclosed on May 22, and now, in what coukld, or could not be, a rather spooky seeming coincidence, news of 183 million passwords and login credentials from an April 2025 leak has emerged. Adding the details of website URLs, email addresses and passwords to the Have I Been Pwned database, owner Troy Hunt said the data consisted of both “stealer logs and credential stuffing lists” including confirmed Gmail login credentials. While confirming that all major email providers have credentials within the leak database, including Microsoft Outlook and Yahoo, Hunt has said that “they’re from everywhere you could imagine, but Gmail always features heavily.” Here’s what we know and what you need to do. Have I Been Pwned is something a staple resource for anyone who is genuinely concerned about their account login security. Why so? Because it’s the go-to for discovering when any of your email addresses, accounts or passwords are found in data leaks, dark web password breach lists and the like. Best of all, it’s entirely free to use. When a new entry appears with the number of affected accounts being 183 million, and the compromised data listed as email addresses and passwords, more than a few heads will pop up above the parapets and pay attention. Mine certainly did following the Oct. 21 addition. Having done some digging for further information, I was drawn to a lengthy analysis by Hunt himself, which looked inside the Synthient threat data provided to HIBP. Benjamin Brundage from Synthient revealed in a blog posting that the data came from the results of monitoring infostealer platforms across the course of close to a year. The total amount of information sent to HIBP comprised 3.5 terabytes of data, 23 billion rows of it in all. The output of the stealer logs concerned, Hunt said, consisted primarily of three things: website address, email address and password. “Someone logging into Gmail,” Hunt wrote, “ends up with their email address and password captured against gmail.com, hence the three parts.” Of course, there’s a lot of recycling of credentials that goes on in the cybercriminal world, so Hunt initially wanted to check the freshness of the database he had in his hands. An analysis of a 94,000 sample revealed 92% were not, in fact, new. “Most of what has been seen before was in the ALIEN TXTBASE stealer logs,” Hunt confirmed. However, the math wizards out there will have noted that this steal leaves 8% that is new and fresh, or more than 14 million credentials if you extrapolate it. Actually, the final tally was 16.4 million previously unseen addresses in any data breach, not just stealer logs. HIBP also checks to see if the credentials are genuine by sending out some of the details to people on the subscriber base who are impacted. “One of the respondents was already concerned there could be something wrong with his Gmail account,” Hunt said, and that person was able to validate that the entry was “an accurate password on my Gmail account.” Google has taken to social media to try to stem the misreporting concerning this incident, which has been framed as 183 million Gmail accounts being breached, which is incorrect, as my article explains in some detail. I have reprinted the entire statement here in the hopes of adding even further clarification. “Reports of a “Gmail security breach impacting millions of users” are false. Gmail’s defenses are strong, and users remain protected. The inaccurate reports are stemming from a misunderstanding of infostealer databases, which routinely compile various credential theft activity occurring across the web. It’s not reflective of a new attack aimed at any one person, tool, or platform. Users can protect themselves from credential theft by turning on 2-step verification and adopting passkeys as a stronger and safer alternative to passwords, and resetting passwords when they are found in large batches like this. Gmail takes action when we spot large batches of open credentials, helping users reset passwords and resecure accounts.” Of course, it is not just Gmail users who will be affected by this leak, so I would advise everyone to go and check at HIBP to see if their account credentials might be included. I reached out to my contacts at Google for a statement, and a spokesperson told me: “This report covers broad infostealer activity that targets many types of web activities. When it comes to email, users can help protect themselves by turning on 2-step verification and adopting passkeys as a simpler and stronger alternative to passwords." Google also advised Gmail users that if they have any reason to believe that their accounts have been hacked, they should immediately sign in and review the account activity. If you can’t sign in, Google said, then head for the account recovery page and answer the questions that are presented to the best of your ability. “Additionally, to help users, we have a process for resetting passwords when we come across large credential dumps such as this,” Google noted. Of course, it is not just Gmail users who will be affected by this leak, so I would advise everyone to go and check at HIBP to see if their account credentials might be included. I reached out to my contacts at Google for a statement, and a spokesperson told me: “This report covers broad infostealer activity that targets many types of web activities. When it comes to email, users can help protect themselves by turning on 2-step verification and adopting passkeys as a simpler and stronger alternative to passwords." Google also advised Gmail users that if they have any reason to believe that their accounts have been hacked, they should immediately sign in and review the account activity. If you can’t sign in, Google said, then head for the account recovery page and answer the questions that are presented to the best of your ability. “Additionally, to help users, we have a process for resetting passwords when we come across large credential dumps such as this,” Google noted. Learn more by visiting OUR FORUM. |
Latest Articles
|