惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threat Research - Cisco Blogs
博客园 - 聂微东
小众软件
小众软件
P
Proofpoint News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
TaoSecurity Blog
TaoSecurity Blog
博客园 - 司徒正美
罗磊的独立博客
N
News and Events Feed by Topic
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Security Affairs
S
Security @ Cisco Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The GitHub Blog
The GitHub Blog
月光博客
月光博客
S
Secure Thoughts
P
Proofpoint News Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Forbes - Security
Forbes - Security
H
Heimdal Security Blog
W
WeLiveSecurity
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
L
LangChain Blog
T
The Blog of Author Tim Ferriss
NISL@THU
NISL@THU
Google DeepMind News
Google DeepMind News
Cloudbric
Cloudbric
H
Hacker News: Front Page
The Last Watchdog
The Last Watchdog
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cisco Blogs
博客园 - 三生石上(FineUI控件)
博客园_首页
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Schneier on Security
Project Zero
Project Zero
SecWiki News
SecWiki News
爱范儿
爱范儿
The Register - Security
The Register - Security
AI
AI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Y
Y Combinator Blog
L
Lohrmann on Cybersecurity
Application and Cybersecurity Blog
Application and Cybersecurity Blog
P
Privacy International News Feed
J
Java Code Geeks
S
Securelist
C
Cyber Attacks, Cyber Crime and Cyber Security
V
Visual Studio Blog

Check Point Blog

AI Security Is Never Finished: Building the Continuous Red Teaming Loop  - Check Point Blog AI Security Threats in 2026: Annual Insights from Check Point Research - Check Point Blog AI Agents are Only As Effective as Their Harness - Check Point Blog Email Agent Hijacking: The Hidden Threat That Breaks Post-Delivery Security - Check Point Blog How Check Point Email Security Stopped a Student Job Scam Before It Reached the Inbox - Check Point Blog Redefining the CISO Contract: From Securing the Business to Securely Doing Business - Check Point Blog A New Ransomware Leader Emerges as June 2026 Attack Volumes Climb Worldwide How Unified Policies Close Security Gaps - Check Point Blog Under Pressure: Insights from the 2026 Exposure Gap Report - Check Point Blog When AI Invents the Attack: Browser-Native Ransomware - Check Point Blog Check Point and the AWS European Sovereign Cloud: Securing Europe’s Digital Future - Check Point Blog Shadow AI Is Not a Tool Problem. It's a Timing Problem. - Check Point Blog AI Is Changing Cyber Careers. NICE 2026 Showed What Students Need Next - Check Point Blog 90% of the World's Businesses are SMEs and MSMEs and AI Is Reshaping Both Their Future and Their Risk - Check Point Blog Prevention Before the Inbox: Reading the Microsoft Defender Benchmark Report in Context - Check Point Blog ClickFix: The Attack That Turns Users Into Their Own Attackers - Check Point Blog From Prompt Testing to AI Red Teaming at Enterprise Scale - Check Point Blog AI Has Moved From Assistance to Action. Is Your Security Model Ready? AI Security Governance: How to Secure AI Agents, Copilots, and Autonomous AI in 2026 - Check Point Blog OpenAI Frontier AI Models Powering Check Point's Leading Cyber Security Solutions The Operational Reality of Zero Trust- And How You Can Change It - Check Point Blog Amazon Prime Day 2026: Bargains Begin June 23 — and So Do the Scams - Check Point Blog Securing AI Agent Behavior with Amazon Bedrock AgentCore and CheckPoint AI Security - Check Point Blog What Successful Exposure Management Deployments Had in Common in 2026 - Check Point Blog From Stars to Upvotes: The Fake Reputation Economy Behind a Crypto Clipboard Hijackers - Check Point Blog AI Red Teaming Makes the Unknowns Known - Check Point Blog Check Point and Illumio Expand Partnership to Secure Hybrid Environments - Check Point Blog The NCSC Patch Wave Is Coming. Do You Know Where Your Risk Lives? - Check Point Blog NCSC Warns of AI-Driven Patch Wave: Is Your Attack Surface Ready? Energy, Healthcare, and Finance: Why Midwest Industries Are Facing Surging Cyber Attacks - Check Point Blog Midwest Cyber Attacks Surge in 2026: Energy, Healthcare, and Finance Under Growing Threat Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here's What Cyber Criminals Are Actually Doing - Check Point Blog Travel Phishing Scams Surge 122%: How Cybercriminals Are Targeting Travelers in 2026 The AI Your Security Team Can’t See Is the One You Should Worry About Check Point Engage Public Sector 2026: AI Is the New Battlefield Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative When Your AI Agent’s Memory Becomes a Security Liability AI Agents Are Becoming Enterprise Workers. Who Secures Them? Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026 The AI Defense Plane: Securing the New Enterprise Execution Layer The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA - Check Point Blog Check ... The 2026 U.S. Midterms Have a Cyber Problem, But it’s Not at the Ballot Box The Server Seizure That Affects Also Iran’s Cyber Operations The Autonomous Security Platform Built for Attacker Speed Check Point Frontier AI Models Readiness Program – Security Update 2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind t ... AI Attacks Are No Longer Experimental: Key Findings from the March-April 2026 AI Threat Landscape - Check ... Protect GenAI Chatbots with Check Point WAF The Network Security Problem No One Could Solve – Until Now. Hacktivists, Ransomware, and a 124% Surge Across DACH The Case for a Vulnerability Operations Center Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026 - Check Point Blog World Cup 20 ... When the Ransomware Gang Gets Hacked: What the Gentlemen Leak Reveals About Modern Ransomware Risk - Check ... Cyber Threats Spike in April 2026 as Ransomware Expands and Attack Volumes Climb After Short-Lived Moderation Q1 2026 Ransomware Report: Fewer Groups, Higher Impact - Check Point Blog World Password Day 2026: Why "Strong Passwords" Can’t Save You from AI, Infostealers, and the Telegram Underground - Check Point Blog Resilient by Design: When the Network Itself Becomes the Target AI Threat Readiness: Defending Against Attacks Powered by Frontier AI Models Check Point Cyber Security Now Available Across All Levels of U.S. Government - Check Point Blog Check Poi ... VECT Ransomware: Why Paying Won’t Get Your Files Back Check Point WAF Leads Application Security-Validated by Frost & Sullivan Check Point WAF Leads Application ... From Access Control to Outcome Control: Securing AI Agents with Check Point and Google Cloud Experience AI-Powered Check Point Firewall at Google Cloud Next AI Finds Every Gap: How Many Can Your Network Survive? The Gentlemen RaaS Is Surging in 2026 The Phishing Paradox: The World’s Most Trusted Brands Are Cyber Criminals’ Entry Point of Choice World Quantum Day 2026: The Harvest Has Already Begun, Are You Prepared? Why Manufacturing Cyber Security is Becoming More Complex as Cyber Attacks Accelerate March 2026 Cyber Threat Report: Ransomware & GenAI Risk PS Private Training: Turning Cyber Complexity into Operational Control Tax Season 2026: How Cyber Criminals Are Preparing Their Attacks Months in Advance Claude Mythos Wake-Up Call: What AI Vulnerability Discovery Means for Cyber Defense Iran-nexus Password Spray Campaign Targeting Cloud Environments, with a Focus on the Middle East ROI of Hybrid Mesh Network Security (IDC Study 2026) Operation TrueChaos: TrueConf Zero‑Day Supply‑Chain Attack ChatGPT Data Leak (Fixed Feb 2026): Key Takeaways Spring Cleaning Has Arrived: Meet the New Check Point Portal Experience North America’s Cyber Security Threat Reality in 2026
Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize
lizwu@checkpoint.com · 2026-06-09 · via Check Point Blog
Attack Volumes Pull Back, But the Bigger Picture Tells a Different Story

In May 2026, global cyber-attack activity eased from April’s sharp rebound, though the underlying trends offer little genuine comfort. Organizations experienced an average of 2,055 weekly cyber-attacks, a 2% increase year over year and a short term 7% decrease month over month. While the monthly decline may read as stabilization, ransomware activity surged to its highest year-over-year growth rate of 2026, and GenAI-driven data exposure risks continued to deepen across enterprise environments.

Check Point Research data consistently shows that short-term volume moderation does not equal reduced risk. Adversaries keep recalibrating timing, tools, and targeting, and May is a clear example of that pattern.

The Sectors That Kept Taking the Hits

Education absorbed more attacks than any other industry in May, averaging 4,641 weekly attacks per organization, with year-over-year volumes climbing another 7%. The combination of open networks, high student turnover, and chronically stretched security budgets continues to make schools and universities an almost frictionless target. Government sat in second place at 2,620 weekly attacks, and Telecommunications followed at 2,583, both essentially where they were a year ago.

Where in the World Attacks Hit Hardest

The more interesting movement happened further down the list. Agriculture surged 51% year over year to 2,243 weekly attacks. Hospitality, Travel and Recreation climbed 24% to 2,291, and Construction and Engineering rose 23% to 1,999. These are not sectors anyone would have highlighted as cyber attack hotbeds two years ago. The growing digitization of their operations, combined with the sheer availability of automated attack tooling, is changing that calculation fast.

Latin America held the top spot for another month running, with 3,149 weekly attacks per organization and a 13% year-over-year increase, as rapid digitalization continues to outpace security maturity across the region. Africa posted the most dramatic shift of any region, down 20% year over year, though volumes remain high enough to keep it firmly in the danger zone.

GenAI: The Risk That Grows With Every New Tool Adopted

Enterprise GenAI adoption showed no signs of slowing in May, and neither did the exposure risks that come with it.

  • 1 in every 25 GenAI prompts from enterprise networks carried a high risk of sensitive data leakage
  • 91% of organizations using GenAI tools regularly were touched by this risk
  • A further 22% of prompts contained potentially sensitive information
  • Organizations ran an average of 9 different GenAI tools during the month
  • The average enterprise user sent 70 GenAI prompts per month

Every new tool adopted without a governance framework in place is another surface where credentials, intellectual property, and internal data can slip out quietly. The exposure does not announce itself.

Ransomware Recorded Its Sharpest Year-Over-Year Jump of 2026

If May had a headline, this was it. 698 ransomware attacks were reported globally, a 48% increase on May 2025, when 472 incidents were recorded. The growth landed across every region: Asia up 119%, EMEA up 40%, the Americas up 39%. This was not concentrated pressure from one geography or one group. It was broad-based acceleration.

Business Services bore the sharpest end of it, accounting for 35% of all ransomware victims and recording a year-over-year increase of 359%, from 54 incidents to 248 in a single month. Consumer Goods and Services grew 223%, and Industrial Manufacturing climbed 50% from last year.

North America absorbed 49% of reported incidents globally, followed by Europe at 22% and APAC at 19%. The United States alone accounted for 43% of all reported ransomware victims, with Canada (5.6%), the United Kingdom (4.6%), Germany (4.0%), and Spain (3.0%) rounding out the top five.

Three Groups Led, But 61 Were Active

Ransomware in May was dominated at the top but remarkably spread out everywhere else. The top three groups accounted for 39% of reported attacks, all growing above the average rate. The other 61% was distributed across 58 additional active groups, a level of fragmentation that reflects just how industrialized and competitive the ransomware market has become.

Qilin led the field at 14% of published attacks, continuing its expansion following RansomHub’s retirement and the aggressive affiliate recruitment drive it has been running since early 2025. The Gentlemen secured second place at 10%, a striking position for a group that had zero recorded activity in May 2025. Founded in mid-2025 by a former Qilin affiliate, the group built its early reach around self-service access to approximately 14,000 pre-exploited FortiGate devices and has since grown into a top global threat in under a year. Their May 2026 operator communications announced a tactical evolution away from brute-force EDR-killing toward surgical userland evasion, suggesting a group investing seriously in longevity. DragonForce climbed to third at 8%, having risen five positions since January 2026 by absorbing displaced RansomHub affiliates and running a white-label model that lets affiliates operate entirely independent brands on shared infrastructure.

Reading May Correctly

The dip in overall volumes is real, but it is the wrong thing to anchor on. Underneath it, ransomware posted its biggest year-over-year leap of the year, new groups matured at a pace that has no real precedent in recent history, and sectors that once sat comfortably outside the crosshairs are now absorbing thousands of incidents per month. The threat landscape is not pausing. It is reorganizing. A prevention-first, AI-powered security strategy across cloud, network, endpoint, and user environments is not just best practice in that context. It is the only realistic response to a landscape that adapts faster than reactive models can follow.