DNSFilter releases 2026 annual security report

DNSFilter released its 2026 Annual Security Report, which reported increases in malicious domains, child sex abuse material and other threats and characterized the rise in threat volume as a daily, user-level problem.

Between October 2024 and September 2025 threat volume on DNSFilter's network grew 30 percent, and the report said the average internet user encountered 66 threats per day, up from 29. The report said the company processed more than 200 billion Domain Name System (DNS) queries daily during the period and blocked about 7 percent of all traffic, representing hundreds of millions of threats and preventing phishing attempts and malware execution.

The report said the network handled over 6 billion AI-related queries between October 2024 and September 2025, with Generative AI (GenAI) traffic rising month over month and a 102.13 percent increase in September 2025. It said malicious or impersonation GenAI site activity declined 92 percent from April 2024 to April 2025 while domains using the keyword “openai” rose, and that new domains accounted for over 65 percent of unique threat domains.

DNSFilter said it blocked 44 percent more child sex abuse material content in 2025 than in 2024, and that partner The Internet Watch Foundation detected 26,362 percent more Artificial Intelligence (AI) videos of CSAM in 2025 compared with 2024. The report covered October 2024 through September 2025 and was available for download, and the company said its technology blocked threats 10 days earlier than competitors, deployed in minutes instead of days, and was used by more than 43,000 organizations worldwide.

Ken Carnesi said: “Our research continues to show that DNS filtering is one of the most effective ways to stop attacks before they ever reach users. Every blocked request isn't just a data point; it's a real attack prevented in real time. This report puts hard numbers behind the scale of that threat and the real-world harm organizations face every day.”