Experts have warned that as Gen AI tools are increasingly incorporated into daily operations, hackers are becoming faster and more proficient at taking advantage of vulnerabilities.
A few concerning statistics regarding the state of enterprise security were included in the 2026 IBM X-Force Threat Intelligence Index report. It stated that, in comparison to the previous year, there had been a 44% increase in cyberattacks targeting public-facing applications, such as websites and e-commerce portals, email services, online banking apps, APIs, and the like.
According to IBM, 40% of all cyber incidents in 2025 were caused by a rise in vulnerability exploitation, which is the driving force behind these attacks. At the same time, publicly reported ransomware attacks increased by 12%, and active ransomware operators grew by nearly 50%.
“Attackers aren’t reinventing playbooks, they’re speeding them up with AI,” IBM worldwide managing partner for cybersecurity services Mark Hughes stated, while adding, “The fundamental problem remains the same. Software vulnerabilities overwhelm organisations. Now, speed makes a difference.”
According to IBM, incidents targeting significant supply chains and third-party partners have nearly quadrupled in the last six months, indicating these businesses are now primary targets for threat actors.
The most common targets of these attacks appear to be software, deployment environments, SaaS connectors, and CI/CD automation in development workflows. Discussing how AI fits into this narrative, IBM says it primarily lowers the barrier to entry, making even low-skilled ransomware actors a significant threat. Small groups with limited resources can use AI to automate parts of their operations, becoming faster and more disruptive.
In the future, IBM anticipates that criminals will begin utilising AI for real-time research, data analysis, and attack path modifications. However, as AI exponentially strengthens cybercriminals, it also empowers anti-hacking initiatives and cybersecurity organisations. There are companies like HAPI, which specialise in cybersecurity and act as a bulwark against cybercrime.
And IBM is not alone in predicting the future. California-headquartered Palo Alto Networks, an established global leader in cybersecurity providing AI-driven, platform-based security solutions for networks, clouds, and endpoints, in its recent study, has found another disturbing trend: hackers using ransomware to accelerate the timeline for cyberattacks, moving on average four times faster than just a year ago.
As per the study, AI is being used for reconnaissance, phishing, scripting, and operational execution in many cases. In the most efficient attack attempts, threat actors exfiltrate data in just 72 minutes after gaining initial access to the victims’ devices.
“Identity is a primary element in attacks, showing up in 90% of incident response cases. Threat groups are increasingly using stolen identities and tokens to gain entry without triggering security warnings,” reported CybersecurityDive, which decoded the report in detail.
“Once an attacker has legitimate credentials, they’re not breaking in; they’re logging in. When an adversary blends into normal traffic, detection becomes incredibly challenging for even mature defenders,” said Sam Rubin, a senior vice president at Palo Alto Networks’ Unit 42, while interacting with the media outlet.
Palo Alto Networks, which prepared the report after analysing more than 750 incident response cases across the globe, came to the conclusion that cybercriminals are using AI to operate with unprecedented speed and scale, running simultaneous attacks and taking advantage of known software flaws to go after vulnerable targets before the latter opt for prevention. AI is also carrying out reconnaissance and initial access attempts against hundreds of targets simultaneously.