en.Wedoany.com Reported - Although the number of global cyberattacks in May 2026 decreased compared to April, the risk of cyber threats has not diminished. According to the latest data released by Check Point Research, organizations faced an average of 2,055 cyberattacks per week in May, a 2% increase year-over-year and a 7% decline from April. Researchers noted that the short-term dip in total attack volume does not indicate a reduction in risk, as attackers continue to adjust their strategies, timing, and targets.

The education sector remained the most heavily attacked. In May, educational institutions experienced an average of 4,641 attacks per week, a 7% increase year-over-year. The report attributes this to open digital environments, frequent personnel turnover, and limited cybersecurity resources. Government organizations ranked second with 2,620 attacks per week, followed by the telecommunications sector with 2,583 attacks per week. Some industries traditionally not primary targets saw more significant increases: agriculture grew 51% year-over-year to 2,243 attacks per week; the hotel, travel, and leisure industry rose 24% to 2,291 attacks; and the construction and engineering sector increased 23% to 1,999 attacks. Researchers partially attribute this trend to the rising digitalization of these industries and the proliferation of automated attack tools.

Regionally, Latin America was the most affected, with an average of 3,149 attacks per organization per week, a 13% increase from May 2025. The report notes that the region's digital transformation continues to outpace its cybersecurity preparedness. Although Africa recorded the largest regional decline, with attack volume down 20% year-over-year, overall activity levels remain high.

The use of generative AI (GenAI) tools by enterprises is introducing new risks. According to Check Point Research, 1 in every 25 GenAI prompts from corporate networks carries a high risk of sensitive data leakage, and 91% of organizations that frequently use GenAI tools have encountered such risks. May data shows that 22% of prompts contained potentially sensitive information, organizations used an average of 9 GenAI tools, and enterprise users submitted approximately 70 GenAI prompts per month. The research suggests that expanding AI adoption without clear governance frameworks may exacerbate the risk of leaking credentials, intellectual property, and internal business data.

Ransomware activity recorded its largest increase in May since the start of 2026. Globally, 698 incidents were reported, a 48% increase from 472 incidents in the same period in 2025. All major regions saw increases: Asia grew 119%, Europe, the Middle East, and Africa (EMEA) rose 40%, and the Americas increased 39%. By industry, business services accounted for the highest share at 35.1%, with incidents surging from 54 in May 2025 to 248; consumer goods and services grew 223%, and industrial manufacturing increased 50%. Other affected industries include financial services (5.7%), healthcare (5.4%), government (4.3%), information technology (3.9%), education (3.7%), and transportation and logistics (2.9%). North America was the region with the most ransomware incidents globally, accounting for 49%, followed by Europe at 22% and Asia-Pacific at 19%. The United States accounted for 43% of all reported victims globally, with other heavily affected countries including Canada (5.6%), the United Kingdom (4.6%), Germany (4.0%), and Spain (3.0%).

The ransomware ecosystem is becoming increasingly fragmented. The top three groups accounted for 39% of reported attacks, with the remaining 61% spread across 58 active groups. Qilin led with a 14% share, continuing its expansion following the alleged decline of RansomHub. Gentlemen ranked second with 10%, a group with no recorded activity during May 2025. DragonForce rose to third place with 8% of incidents after expanding its affiliate network. Researchers believe this fragmentation reflects a ransomware ecosystem that is becoming more industrialized and competitive.

Researchers warn that the decline in overall attack volume in May should not be interpreted as a reduction in risk. The accelerating growth of ransomware, the rapid emergence of new threat groups, and increasing pressure on previously less-targeted industries indicate that cyber threats are evolving rather than diminishing. As organizations expand their digital operations and accelerate AI adoption, cybersecurity strategies may need to cover a broader scope, including cloud infrastructure, endpoints, networks, and user environments.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com