Cyberattacks are on the rise as criminals increasingly exploit weak security controls, with the latest IBM 2026 X-Force Threat Intelligence Index revealing that artificial intelligence (AI) is accelerating the discovery of system vulnerabilities. The report highlights that attackers are predominantly targeting basic flaws in publicly accessible systems, underscoring a pressing need for enhanced cybersecurity measures.
According to the report, incidents involving the exploitation of public-facing applications surged by 44% globally. Many of these attacks were associated with systems lacking basic authentication controls. As AI tools become more sophisticated, they enable cybercriminals to scan for weaknesses at an unprecedented pace, thereby increasing the volume of successful breaches.
The report also indicates a troubling escalation in ransomware activity, with a 49% increase in active ransomware and extortion groups over the past year. While overall public victim disclosures rose by approximately 12%, the emergence of smaller, short-lived groups points to a more fragmented and dynamic ransomware environment.
Moreover, supply chain attacks have seen a dramatic increase, with significant compromises linked to suppliers or third-party services nearly quadrupling since 2020. Attackers are now focusing on environments where software is developed and deployed, particularly in continuous integration and continuous delivery (CI/CD) pipelines as well as software-as-a-service (SaaS) integrations. The findings illustrate a shift in the cyber threat landscape, where exploiting vulnerabilities has become the most common cause of cyber incidents, accounting for about 40% of attacks tracked by X-Force in 2025.
In the Asia-Pacific region, the threat is particularly pronounced. The report reveals that malware constituted roughly 45% of cyber activity, with spam and legitimate tools each making up 15%, and direct server access accounting for 10%. When attackers establish their initial foothold, they most frequently exploit public-facing applications (50%) or utilize stolen credentials (30%). This pattern suggests significant gaps in security practices, which are becoming more pronounced as the region’s digital infrastructure expands.
The implications of these attacks are serious, with data theft and reputational damage each representing about 14% of reported outcomes, while credential harvesting made up around 7%. Manufacturing companies were the most affected, comprising 65% of cases in the region, followed by finance and insurance at 17%, and transportation at 7%. “Attackers aren’t reinventing playbooks; they’re speeding them up with AI,” remarked Mark Hughes, Global Managing Partner for Cybersecurity Services at IBM. He emphasized that businesses are overwhelmed by software vulnerabilities, and the increased speed of attacks leaves security leaders with the urgent need to adopt more proactive approaches to identify and mitigate threats.
IBM’s findings also shine a light on vulnerabilities associated with AI platforms themselves. The report notes that in 2025, infostealer malware compromised over 300,000 ChatGPT credentials, indicating that AI tools are increasingly susceptible to the same security risks faced by traditional enterprise software. The potential consequences of compromised chatbot accounts are extensive, ranging from unauthorized access to sensitive data to the manipulation of AI outputs.
“Asia-Pacific continues to face a sharp increase in cyber threats, with attackers increasingly leveraging AI and exploiting gaps in basic security,” stated Catherine Lian, General Manager and Technology Leader for IBM ASEAN. She underscored the necessity for organizations to prioritize identity protection, secure configurations, and greater visibility across cloud and application environments to stay ahead of automated and adaptive threats.
The report also draws a connection between the proliferation of ransomware groups and the ease of access to attack tools. Leaked software and shared tactics on underground forums, combined with AI automation, are lowering the barriers for new groups entering the cybercrime ecosystem. The spread of techniques traditionally associated with nation-state hackers has further blurred the lines, as financially motivated groups adopt these methods for profit-driven attacks.
Notably, the Asia-Pacific region has emerged as the second most targeted area globally, accounting for 27% of incidents observed by X-Force. This trend appears to be fueled by rapid digital growth and geopolitical tensions, making the region an attractive target for cybercriminals. For the fifth consecutive year, manufacturing has been the most targeted sector worldwide, representing approximately 27.7% of all incidents tracked, with data theft as the predominant outcome. Within this sector, Asia-Pacific accounted for roughly 68% of manufacturing-related cases, highlighting the urgent need for robust cybersecurity strategies in the face of escalating threats.
See also
24.3% of Companies Paid Ransoms in 2025 as AI-Driven Cyberattacks Escalate
Iran Conflict Sparks Surge in AI-Driven Cyberattacks, Heightening Global Risks for Insurers
AI-Driven Cyberattacks Surge as 90% Target Vulnerable Third-Party Software
Ransom Payments Surge to 24.3% as AI-Enhanced Cyberattacks Target Companies
Netrust CEO Jen Capones-Tongco Urges Stronger Leadership Against AI Cyber Threats in Asia
