AI-Powered Cyberattacks Surging as Enterprises Fail to Close Basic Security Gaps, IBM Report Finds
IBM experts warn that as multimodal AI models mature, adversaries will further automate advanced attacks, creating faster-moving and more adaptive threats.
RMN Digital Enterprise Technology Desk
New Delhi | February 25, 2026
ARMONK, N.Y. – IBM has released its 2026 X-Force Threat Intelligence Index, revealing a dramatic escalation in cyberattacks fueled by artificial intelligence. The report highlights that while attackers are utilizing sophisticated new tools, they are primarily finding success by exploiting fundamental security weaknesses that businesses have yet to address.
According to the findings, there has been a 44% increase in attacks targeting public-facing applications, a trend largely driven by missing authentication controls and the use of AI to discover vulnerabilities at unprecedented speeds. Vulnerability exploitation has now become the leading cause of cyber incidents, accounting for 40% of all cases observed by X-Force in 2025.
AI Accelerating the Attacker Playbook
The report emphasizes that AI is not necessarily changing what attackers do, but how fast they can do it. “Attackers aren’t reinventing playbooks, they’re speeding them up with AI,” said Mark Hughes, Global Managing Partner for Cybersecurity Services at IBM. Hughes noted that because many vulnerabilities require no credentials, AI allows attackers to bypass human intervention and move directly from scanning a system to causing an impact.
The reach of AI-driven threats is also expanding into identity theft. In 2025, infostealer malware led to the exposure of over 300,000 ChatGPT credentials, signaling that AI platforms now face the same level of risk as core enterprise software. Compromised chatbot accounts allow attackers to manipulate outputs, exfiltrate data, or inject malicious prompts into corporate environments.
Ransomware Landscape and Supply Chain Risks
The ransomware ecosystem is becoming increasingly fragmented. While publicly disclosed victim counts rose by 12%, the number of active ransomware and extortion groups surged by 49%. This growth is attributed to lower barriers to entry, as smaller operators use leaked tools and AI to automate complex tasks like reconnaissance.
Furthermore, the pressure on global supply chains continues to mount. Large supply chain and third-party compromises have nearly quadrupled since 2020. This trend is driven by attackers exploiting trust relationships in software development workflows (CI/CD) and SaaS integrations, a problem expected to grow as AI-powered coding tools occasionally introduce unvetted code into the ecosystem.
Regional and Industry Targets
For the first time in six years, North America has emerged as the most attacked region, accounting for 29% of all observed cases. This is an increase from 24% in the previous year.
On an industrial level, manufacturing remains the top target for the fifth consecutive year, accounting for 27.7% of incidents. Data theft was identified as the most common goal for attacks within this sector.
A Call for Proactive Security
IBM experts warn that as multimodal AI models mature, adversaries will further automate advanced attacks, creating faster-moving and more adaptive threats. To combat this, security leaders are urged to move away from reactive measures and adopt agentic-powered threat detection to identify security gaps before they can be escalated by automated attacker tools.
Despite the rise of high-tech threats, the report concludes that basic security hygiene remains a critical failure point, with misconfigured access controls and poor credential hygiene remaining the most common entry points for attackers.
