Organisations worldwide are now facing an average of 1,968 cyber attacks every week, a 70% increase since 2023.
This comes from Check Point Software Technologies’ Cyber Security Report 2026, released on January 28, and points to a threat environment moving faster than many defences were built to handle.
Attacks now arrive as blended campaigns, mixing automation with human deception across email, browsers, collaboration tools and voice channels.
In simple terms, criminals are working at machine speed while organisations are still relying on innovations built for slower, manual threats.
The report shows that 89% of organisations encountered risky AI prompts within three months, with one in every 41 prompts rated high risk.
With AI tools becoming routine in daily work, they are opening new opportunities for data exposure and misuse, usually without employees realising it.
Ransomware has also changed shape. Instead of a few dominant groups, the ecosystem has splintered into smaller, specialised operators.
This helped drive a 53% year-on-year increase in extorted victims and a 50% rise in new ransomware-as-a-service groups. AI is now being used to speed up target selection, fine-tune negotiations and run operations more efficiently.
Social engineering is spreading well beyond email. The report records a 500% surge in “ClickFix” attacks, where fake technical prompts are used to trick users into taking harmful actions.
Phone-based impersonation has also evolved, moving from basic scams to structured attempts aimed at breaching corporate systems. As work happens inside browsers and collaboration platforms, the digital workspace itself is becoming a prime target.
Infrastructure weaknesses also increase the risk, with poorly monitored edge devices, VPN appliances and IoT systems being abused as quiet entry points, allowing attackers to blend into normal network traffic.
On the AI side, an analysis by Lakera, a Check Point company, found security weaknesses in 40% of 10,000 Model Context Protocol servers reviewed, underlining how exposed AI back-end systems can be.
Lotem Finkelstein, vice president of Research at Check Point Software, said: “AI is changing the mechanics of cyber attacks, not just their volume. We are seeing attackers move from purely manual operations to increasingly higher levels of automation, with early signs of autonomous techniques emerging.
“Defending against this shift requires revalidating security foundations for the AI era and stopping threats before they can propagate.”
Reacting faster is no longer enough. The report argues for a prevention-first approach, better control of AI use inside organisations, stronger protection of the digital workspace and better visibility across on-premises, cloud and edge environments.
Cyber threats are arriving at scale, by design, and at a pace that demands a fundamental rethink of how security is built and enforced.
