ENISA releases the ENISA Threat Landscape 2013, it a collection of information on top cyber-threats that have been assessed in the reporting period. More than 250 reports and sources have been considered to produce the document. The report confirms that web based attacks are predominant respect other cyber threats, cybercriminals use malicious URLs as the primary vector to serve malware. Java remains the most exploited software, to infect a web site. Drive-by-downloads remain the most insidious followed by Worms/Trojans and Code Injections.”]
Source: http://securityaffairs.co/wordpress/20423/cyber-crime/enisa-threat-landscape-2013.html