AI-Driven Cyberattacks Surge, Exposing Growing Vulnerabilities in European Businesses

The 2026 IBM X-Force Threat Intelligence Index reveals a troubling rise in cyberattacks globally, with Europe particularly impacted as the third most targeted region, accounting for 25% of all incidents in 2025, up from 23% the previous year. Cybercriminals are leveraging artificial intelligence (AI) to accelerate traditional attack methods, heightening the frequency and speed of cyber threats rather than inventing new tactics.

According to the IBM report, exploitation of software vulnerabilities remains the leading cause of security breaches, responsible for 40% of incidents. The rapid increase in attacks on publicly accessible applications has risen by 44%, reflecting attackers’ focus on exploiting widely used platforms. The financial sector in Europe has faced the brunt of this surge, suffering 39% of all attacks—a sharp increase from 18% in 2024—while globally, the manufacturing industry remains the most targeted, at 27.7% of incidents.

Additionally, ransomware attacks have surged by 49%, fueled by a fragmented cybercrime ecosystem and diminished barriers for entry, making it easier for criminals to launch such assaults. Supply chain and third-party compromises have nearly quadrupled since 2020, with attackers increasingly targeting CI/CD automation and SaaS integrations, which often grant extensive network access.

Mark Hughes, IBM’s Global Managing Partner for Cybersecurity Services, emphasized that the core issue for companies remains the large number of unpatched software vulnerabilities, as AI tools rapidly amplify attack efficiency. Notably, cybercriminal groups have adopted techniques once exclusive to state-sponsored actors, blurring the lines between criminal motivations.

Moreover, AI platforms themselves have become targets, with over 300,000 ChatGPT access credentials exposed in 2025 alone, highlighting the expanding threat landscape for businesses relying on AI technologies.

This data underscores the urgent need for organizations, especially those in Europe, to strengthen cybersecurity measures, promptly patch vulnerabilities, and improve authentication controls to counter the accelerating threat posed by AI-enhanced cyberattacks.