Cybercriminals are increasingly exploiting the simplest vulnerabilities in company networks, aided by artificial intelligence (AI) tools that expedite these attacks, according to a report by IBM released on Wednesday. The 2026 X-Force Threat Intelligence Index revealed a staggering 44% surge in attacks initiated through internet-facing systems, such as public websites and online applications.
This uptick is attributed to weaknesses like missing login checks, with attackers leveraging AI to identify these vulnerabilities at an unprecedented pace. IBM highlighted that software flaws were the primary driver behind the incidents it monitored last year, representing 40% of total cases. “They’re speeding it up with AI,” said Mark Hughes, IBM’s global managing partner for cybersecurity services.
In light of these rising threats, Hughes emphasized the need for security leaders to adopt a more proactive stance. He advised organizations to utilize advanced threat detection and response mechanisms to identify security gaps and mitigate risks before they escalate.
IBM’s report arrives as the UK government intensifies its efforts to strengthen cybersecurity measures, particularly among small and medium-sized enterprises (SMEs). Last week, ministers launched a campaign encouraging businesses to implement the ‘Cyber Essentials’ checklist. This initiative focuses on fundamental practices such as ensuring software is up to date and restricting access to accounts.
The UK government estimates that cyber threats cost businesses approximately £14.7 billion annually, with around half of small firms reporting a breach or attack within the past year. IBM’s findings underscore that UK companies remain particularly vulnerable through exposed systems and inadequate account protection.
The report further indicated that IBM’s security testing teams frequently uncover vulnerabilities related to access controls and configuration. These gaps are often overlooked yet can be easily exploited by attackers. Additionally, the study raised alarms about the risks associated with the use of AI tools within businesses, noting a significant prevalence of stolen login credentials relating to ChatGPT from the previous year.
IBM cautioned that compromised accounts linked to chatbots could facilitate the extraction of sensitive data or manipulation of information outputs. As the landscape of cybersecurity continues to evolve, the integration of AI into both offensive and defensive strategies presents new challenges for organizations worldwide.
In summary, the intersection of AI and cybersecurity is becoming increasingly pronounced, prompting both businesses and governments to take critical steps towards enhancing their defenses. The call for a proactive approach is echoed by industry leaders as they navigate an environment where cyber threats grow more sophisticated and damaging.
See also
IBM Reports 44% Surge in AI-Accelerated Cyberattacks Threatening Canadian Enterprises
CIOs Expect AI Cyber Attacks Soon; Only One-Third Feel Prepared to Respond
Gambit Security Secures $61M to Enhance AI Cybersecurity Platform for Ransomware Resilience
Gambit Security Secures $61M to Launch AI Platform for Business Resilience Post-Cyberattack
Cyberattacks Surge 34% Amid AI Rise, Targeting Education and Critical Infrastructure
