In November 2025, global cyber activity surged as organisations faced an average of 2,003 cyber-attacks per week, marking a 3% increase from October and a 4% rise compared to November 2024. According to Check Point Research, this steady escalation underscores a threat landscape increasingly influenced by intensified ransomware activities, expanding attack surfaces, and heightened exposure risks linked to the adoption of generative AI tools within organisations.
The United States remained the dominant target, accounting for 52% of global attacks, followed by the United Kingdom and Canada at 4% and 3%, respectively. The education sector was the most affected industry worldwide, experiencing a 7% year-over-year increase with an average of 4,656 attacks per organisation per week. Government entities followed closely, facing 2,716 weekly attacks (an increase of 2% YoY), while associations and non-profit organisations recorded a striking 57% increase, with 2,550 attacks per week.
From an industry perspective, industrial manufacturing was the hardest-hit sector, representing 12% of all reported victims as attackers exploited operational dependencies and outdated systems. The Business Services sector followed closely at 11%, while consumer goods and services accounted for 10% of the attacks. Geographically, Latin America reported the highest number of attacks per organisation in November, averaging 3,048 weekly attacks, a 17% year-over-year increase—the largest rise globally. The Asia-Pacific region followed with 2,978 attacks (down just 0.1% YoY), while Africa recorded 2,696 attacks (a decline of 13% YoY). Europe experienced a slight dip of 1% YoY, but North America saw a 9% year-over-year increase, becoming a prime target for sophisticated, financially motivated threat groups.
“Over the past year, we have seen a trend of convergence in the number of attacks across different regions, with the gap between the most and least attacked areas narrowing from nearly triple to only twice as high,” the study indicated. “While specific months may see fluctuations in regional attack volumes, all areas are significantly impacted and trending closer to the global average.”
The widespread adoption of generative AI tools has introduced significant data-exposure risks. In November, Check Point found that 1 in every 35 GenAI prompts posed a high risk of sensitive data leakage, affecting 87% of organisations that regularly utilize these tools. An additional 22% of prompts contained potentially sensitive information such as internal communications, enterprise data, proprietary code, or personal identifiers. Despite some usage occurring through managed tools, organisations averaged 11 different GenAI tools per month, many of which likely operated outside formal security governance, increasing the risk of data exposure and malicious infiltration.
Ransomware activity saw notable intensification in November 2025, with 727 reported attacks, a 22% increase compared to the same month last year. North America remained the epicentre of ransomware incidents, accounting for 55% of all disclosed cases, followed by Europe with 18%.
The ongoing rise in cyber-attacks highlights the urgent need for organisations to bolster their cybersecurity measures, particularly as they incorporate advanced technologies like generative AI into everyday operations. As cyber threats grow more sophisticated and widespread, maintaining robust security protocols will be critical for safeguarding sensitive data and infrastructure.
See also
91% of Cybersecurity Pros Plan Increased Threat Intelligence Spending Amid AI Risks
OpenAI Enhances Security Measures to Combat AI-Driven Cyberattack Threats
AI-Driven Security Observability Reduces Cyberattack Costs by £2.7M Annually for Businesses
AI-Driven Cyberattacks Fuel Shift to Password-less Security, Enhancing Digital Identity Management
Dechecker AI Checker Enhances Cybersecurity Reports with Human Insight and Clarity
