# CyberSecStats #50 - Wireless risks, mid-market vibe checks, browser attacks and hybrid blind spots

> CyberSecStats #50: AI-generated email attacks grow 5x, 87% of AI coding PRs introduce vulnerabilities, 937 wireless CVEs in 2025, and mid-market confidence paradox.

Source: https://fmcybersecurity.com/en/insights/strategy/cybersecstats-50/
Locale: English
Other locale: https://fmcybersecurity.com/insights/strategy/cybersecstats-50/

## Metadata

- Date: 2026-03-17
- Author: fredrik-standahl
- Topic: strategy
- Format: news
- Scope: international

## This Week's Cybersecurity Eye-Openers

Three stats worth scanning this week.

**1. AI-generated email attacks grew 5x in 2025**

AI-generated spear phishing climbed from 2.8% to 13.9% of total observed phishing in 2025. AI-generated emails proved 75% more effective at evading traditional email filters.

**2. 87% of AI coding pull requests introduce vulnerabilities**

Of 30 pull requests analyzed across three leading coding agents (Claude, Codex, and Gemini), 26 introduced at least one vulnerability. No agent produced a fully secure application.

**3. Wireless vulnerabilities hit record levels in 2025**

Researchers disclosed an average of 2.5 new wireless-related vulnerabilities (routers, IoT, Bluetooth) per day in 2025, growing 20 times faster than conventional threats over the last 15 years.

## Big Picture Reports

### Global Cyber Attacks Near Record Highs in February 2026 Despite Ransomware Decline (Check Point)

Ransomware incidents declined sharply, but overall cyber attack rates remain near record highs.

**The attack picture:**

- The average number of weekly cyber attacks per organization reached 2,086, a 9.6% increase year over year.
- 629 ransomware attacks were reported globally in February 2026, a 32% decrease year over year.
- 1 in every 31 GenAI prompts in February posed a high risk of sensitive data leakage, with 88% of organizations using GenAI tools regularly impacted.

[Read the full report here.](https://blog.checkpoint.com/research/global-cyber-attacks-remain-near-record-highs-in-february-2026-despite-ransomware-decline/?ref=cybersecstats.com)

### 2026 Global Threat Intelligence Report (Flashpoint)

Everywhere in the world, attackers are moving faster, targeting identities, and using AI.

**Identity is the primary exploit vector:**

- 3.3 billion compromised credentials and cloud tokens make identity the primary exploit vector.
- 11.1 million machines were infected with infostealers in 2025.
- Zero-day vulnerabilities are being mass-exploited within 24 hours of discovery.

[Read the full report here.](https://flashpoint.io/resources/report/flashpoint-global-threat-intelligence-report-2026/?ref=cybersecstats.com)

### Observability Trends 2026 (SolarWinds)

IT teams are not seeing blind spots across hybrid environments, even as they reach for AI to address the visibility crisis.

**The observability gap:**

- 77% of IT professionals cite limited visibility across on-premises and cloud environments.
- 75% say the lack of coordination between teams (network, infrastructure, applications, database) hinders effective observability.
- 55% report using too many monitoring and observability tools.

[Read the full report here.](https://www.solarwinds.com/campaign/state-of-monitoring-and-observability?ref=cybersecstats.com)

## Cloud Security

### Cloud Threat Horizons Report H1 2026 (Google Cloud)

Third-party software compromises have overtaken weak credentials as the primary entry point for cloud attacks.

**The cloud attack shift:**

- Threat actors exploited third-party software-based entry 44.5% of the time, up from 2.9% in H1 2025.
- Threat actors targeted data in 73% of cloud-related incidents.
- 21% of investigated incidents involved compromised trusted relationships with third parties.

[Read the full report here.](https://cloud.google.com/security/report/resources/cloud-threat-horizons-report-h1-2026?ref=cybersecstats.com)

## Email Threats

### State of the AI Threat in Email (AegisAI)

AI-powered phishing is here, and email filters are not used to it.

**The AI phishing explosion:**

- AI-generated email attacks grew 5x in 2025.
- AI-generated emails are 75% more effective at evading traditional email filters.
- AI-generated emails reach the inbox more than half the time.

[Read the full report here.](https://www.aegisai.ai/state-of-the-ai-threat-in-email?ref=cybersecstats.com)

## Synthetic Media

### How Synthetic Media Is Reshaping Digital Trust (DuckDuckGoose)

Fake identity scams are now an industrial operation.

**The synthetic identity factory:**

- 55+ new synthetic media generators were released in Q4 2025.
- 1,030% growth in image-to-video models since 2024.
- 868,000 synthetic model variants are created monthly.

[Read the full report here.](https://www.duckduckgoose.ai/white-papers/when-identity-becomes-generatable?ref=cybersecstats.com)

## AI

### The ROI of Gen AI and Agents 2026 (Snowflake)

AI is creating more jobs than it eliminates, with organizations reporting positive returns on their AI investments.

**The AI workforce picture:**

- 77% of organizations report AI-driven job creation, compared to 46% reporting job losses. Among those experiencing both, 69% say the net impact has been positive.
- 53% of respondents say they use gen AI in cybersecurity.
- 61% said help desk and ticket automation is the leading IT and cybersecurity use case for gen AI.

[Read the full report here.](https://www.snowflake.com/en/lp/radical-roi-generative-ai/?utm_cta=press-release-roi-of-gen-ai-and-agents-2026&ref=cybersecstats.com)

### The Agentic Coding Security Report (DryRun Security)

AI coding agents are shipping vulnerabilities at scale.

**The AI code security crisis:**

- 26 of 30 pull requests (87%) introduce at least one vulnerability.
- No AI coding agent evaluated (Claude, Codex, Gemini) produced a fully secure application.
- Four authentication weaknesses appeared in every final codebase: insecure JWT verification, no brute force protections, token replay exposure, and insecure refresh token cookie defaults.

[Read the full report here.](https://www.dryrun.security/the-agentic-coding-security-report-pr?ref=cybersecstats.com)

## Wireless Security

### The State of Wireless Security in 2026 (Bastille)

Wireless vulnerabilities (Wi-Fi, Bluetooth, cellular, IoT protocols) are rising at a rate that makes conventional threat growth look glacial.

**The wireless vulnerability surge:**

- Researchers discovered an average of 2.5 new wireless vulnerabilities per day in 2025.
- Wireless vulnerabilities grew 20 times faster than conventional threats over the last 15 years.
- Wireless vulnerabilities have grown more than 230-fold since 2010.

[Read the full report here.](https://bastille.net/resource/the-state-of-wireless-security-in-2026/?ref=cybersecstats.com)

## Browser Security

### 2026 Browser Attack Techniques (Push Security)

Attackers are bypassing email entirely and using search engines to deliver malware through browsers.

**The browser as an attack vector:**

- 1 in 3 payloads intercepted by Push in 2025 were sent outside of email.
- 95% of in-browser attacks detected by Push used some form of bot protection service.
- 4 in 5 ClickFix payloads were accessed via search engines, the result of malvertising or infected webpages.

[Read the full report here.](https://pushsecurity.com/resources/browser-attacks-report?ref=cybersecstats.com)

### Data Trends and Risk Patterns in Global Online Traffic (Fingerprint)

Browser tampering rates on desktops have nearly doubled as VPNs have become mainstream and fraudsters have grown more sophisticated.

**The desktop fraud surge:**

- 4.4% of desktop browser sessions in 2025 showed signs of tampering.
- The rate of browser tampering on desktops nearly doubled between 2024 and 2025.
- 96% of detected automated activity on desktop devices is associated with fraudulent or abusive behavior.

[Read the full report here.](https://fingerprint.com/try/device-intelligence-report-2026/?ref=cybersecstats.com)

## Fraud

### The SentiLink Fraud Report, 2H 2025 (SentiLink)

Benchmarking based on 236+ million account applications across credit cards, auto lending, consumer lending, DDAs, and telecom.

**The fraud surge:**

- Identity theft rates peaked at 6.75% in the week of Christmas 2025.
- A bot attack briefly pushed identity theft rates at one major auto-lending partner to nearly 35%.
- Demand Deposit Account (DDA) identity theft averaged above 10%, a new high for the industry.

[Read the full report here.](https://resources.sentilink.com/fraud-report-h2-2025?ref=cybersecstats.com)

## Midmarket Security

### The Security Middle Child Report (Intruder)

Midmarket security leaders feel confident about threat detection and response, even when data points the other way.

**The midmarket confidence paradox:**

- 94% of midmarket security leaders are confident in their ability to identify and remediate critical risks before attackers exploit them.
- 51% say it would take approximately a week to assess their exposure to a critical zero-day.
- 46% say enterprise platforms assume more staff, budget, or complexity than they can support.

[Read the full report here.](https://www.intruder.io/downloads/security-middle-child-report?ref=cybersecstats.com)

## Industry-Specific

### State of Third-Party Risk Management 2026 (Ncontracts)

Financial institutions are managing hundreds of vendors with skeleton crews and little confidence in their AI oversight.

**The TPRM staffing crisis:**

- 63% of TPRM programs operate with just one or two dedicated full-time employees.
- 53% of TPRM programs manage 300 or more vendors.
- Financial institutions using manual TPRM processes are 71% more likely to receive exam findings.

[Read the full report here.](https://www.ncontracts.com/state-of-third-party-risk-management-survey-report?ref=cybersecstats.com)

### Cybersecure 2026 Report (Clever)

School districts are facing an escalating cybersecurity crisis driven by AI risks and vendor compromises.

**The K-12 security breakdown:**

- 52% of U.S. school districts experienced a cybersecurity incident in 2025, up from 36% in 2024 and 31% in 2023.
- Vendor-related cybersecurity incidents among school districts rose from 4% in 2023 to 32% in 2025.
- 80% of U.S. school districts believe AI is increasing their cybersecurity risk.

[Read the full report here.](https://www.clever.com/cybersecure-report?ref=cybersecstats.com)

### HIMSS 2026 Microsegmentation Survey on Healthcare (Elisity)

Healthcare organizations struggle to protect the medical devices that keep patients alive.

**The medical device blind spot:**

- 60% of healthcare leaders flag their inability to protect unpatchable or agentless devices as a critical or significant limitation.
- 56% report poor visibility of devices and asset inventory as a critical or significant limitation.
- 76% say it is highly important that a microsegmentation solution avoids disruption to clinical or operational workflows.

[Read the full report here.](https://www.elisity.com/blog/himss-medical-device-security-healthcare-microsegmentation?ref=cybersecstats.com)

## Regional Security Trends

### Australia's Cybersecurity Paradox (KnowBe4)

Australians are confident they can spot threats. Their actual security practices tell a different story.

**The confidence-behavior gap:**

- 76% of Australians feel confident spotting cyber threats.
- 66% of Australians reuse passwords across multiple online accounts.
- 53% of employed Australians prioritise protecting work accounts over personal accounts.

[Read the full report here.](https://www.knowbe4.com/hubfs/CR-0557-Australia-Q1-2026-YouGov-Survey-White-Paper-EN-AUS-Final.pdf?ref=cybersecstats.com)

---

For the full documentation index, see https://fmcybersecurity.com/llms.txt
For the complete corpus as a single document, see https://fmcybersecurity.com/llms-full.txt