Global cyber attacks surged to an average of 2,003 per week per organization in November, reflecting a 3% uptick from October and a 4% increase compared to the same period last year, according to Check Point Research. This escalation in hostile activity against corporate and public networks has been attributed to the rise of ransomware operations and emerging risks associated with generative artificial intelligence (AI) tools.
Check Point’s analysis of enterprises employing generative AI tools revealed heightened exposure of sensitive and regulated data. In November, one in every 35 prompts sent from corporate networks to these tools posed a high risk of data leakage, affecting 87% of organizations that regularly utilize generative AI. The prompts frequently contained confidential information such as internal communications, customer records, proprietary software code, and personal identifiers.
Additionally, the research found that another 22% of prompts contained potentially sensitive data. This indicates a growing trend of employees leveraging AI tools for routine work tasks. Organizations reported using an average of 11 different generative AI tools monthly, most of which likely operate outside formal security and governance protocols, thereby increasing the chances of accidental data exposure. This also broadens the attack surface for criminals engaging in phishing, extortion, or AI-assisted intrusion campaigns.
The education sector emerged as the most targeted globally, with institutions experiencing an alarming average of 4,656 attacks per organization each week—representing a 7% year-on-year increase. Government organizations ranked second, facing an average of 2,716 weekly attacks, a 2% rise from last year. Non-profit organizations and associations saw the sharpest growth, averaging 2,550 attacks per organization per week, an increase of 57% over the last year.
These statistics highlight the ongoing digital pressure faced by public services and civil society groups, many of which operate outdated systems or have constrained security budgets. Regionally, Latin America recorded the highest attack volumes, with organizations experiencing an average of 3,048 weekly attacks, a 17% rise year-on-year. In contrast, the Asia-Pacific region saw relatively flat attack levels with a minor decline of 0.1%. Africa experienced a 13% drop in weekly attacks compared to November of the previous year, while Europe noted a modest 1% decrease. North America, however, bucked the trend with a 9% year-on-year increase, attributed in part to more intense ransomware activities.
Ransomware remained one of the most significant threats, with 727 publicly reported incidents worldwide in November, marking a 22% increase compared to the same month last year. North America accounted for 55% of these reported cases, while Europe represented 18%. The United States was the primary target, experiencing 52% of all reported ransomware incidents, with the United Kingdom and Canada accounting for 4% and 3%, respectively. Industrial manufacturing organizations were the most affected sector by share of victims, comprising 12% of the reported ransomware incidents, followed closely by business services firms at 11% and consumer goods and services companies at 10%.
Prominent ransomware groups identified during this period included Qilin and Clop, each responsible for 15% of victim disclosures, while Akira accounted for 12%. Check Point Research noted that the combination of rising attack volumes, ransomware proliferation, and AI-related data exposure signifies a shift in the methodologies employed by attackers.
“November’s data shows that along with the overall number of attacks continuing to rise, we see additional concern in the increasing sophistication behind these operations. The combination of ransomware growth and GenAI-related data exposure provides attackers with more tools and opportunities to execute damaging campaigns. The only effective approach is prevention-first, powered by real-time AI and proactive threat intelligence to block attacks before they cause harm,” said Omer Dembinsky, Data Research Manager at Check Point Research.
Check Point Research plans to continue monitoring trends in attacks and ransomware groups, with intentions to provide further updates on AI-related risks as enterprise use of generative tools expands. As organizations increasingly adopt these technologies, the imperative for robust security measures becomes ever more critical.
See also
AI Analytics Revolutionizes Real-Time Threat Detection for Enhanced Security Operations
BitsLab Launches AI-Agent Security Stack, Protecting $160B in On-Chain Value for 716M Users
Global Cyberattacks Surge 3% in November 2025, Ransomware Hits Record 727 Incidents
91% of Cybersecurity Pros Plan Increased Threat Intelligence Spending Amid AI Risks
OpenAI Enhances Security Measures to Combat AI-Driven Cyberattack Threats
