CyberSecStats #50 - Wireless risks, mid-market vibe checks, browser attacks and hybrid blind spots

This Week’s Cybersecurity Eye-Openers

Three stats worth scanning this week.

1. AI-generated email attacks grew 5x in 2025

AI-generated spear phishing climbed from 2.8% to 13.9% of total observed phishing in 2025. AI-generated emails proved 75% more effective at evading traditional email filters.

2. 87% of AI coding pull requests introduce vulnerabilities

Of 30 pull requests analyzed across three leading coding agents (Claude, Codex, and Gemini), 26 introduced at least one vulnerability. No agent produced a fully secure application.

3. Wireless vulnerabilities hit record levels in 2025

Researchers disclosed an average of 2.5 new wireless-related vulnerabilities (routers, IoT, Bluetooth) per day in 2025, growing 20 times faster than conventional threats over the last 15 years.

Big Picture Reports

Global Cyber Attacks Near Record Highs in February 2026 Despite Ransomware Decline (Check Point)

Ransomware incidents declined sharply, but overall cyber attack rates remain near record highs.

The attack picture:

• The average number of weekly cyber attacks per organization reached 2,086, a 9.6% increase year over year.
• 629 ransomware attacks were reported globally in February 2026, a 32% decrease year over year.
• 1 in every 31 GenAI prompts in February posed a high risk of sensitive data leakage, with 88% of organizations using GenAI tools regularly impacted.

Read the full report here.

2026 Global Threat Intelligence Report (Flashpoint)

Everywhere in the world, attackers are moving faster, targeting identities, and using AI.

Identity is the primary exploit vector:

• 3.3 billion compromised credentials and cloud tokens make identity the primary exploit vector.
• 11.1 million machines were infected with infostealers in 2025.
• Zero-day vulnerabilities are being mass-exploited within 24 hours of discovery.

Read the full report here.

Observability Trends 2026 (SolarWinds)

IT teams are not seeing blind spots across hybrid environments, even as they reach for AI to address the visibility crisis.

The observability gap:

• 77% of IT professionals cite limited visibility across on-premises and cloud environments.
• 75% say the lack of coordination between teams (network, infrastructure, applications, database) hinders effective observability.
• 55% report using too many monitoring and observability tools.

Read the full report here.

Cloud Security

Cloud Threat Horizons Report H1 2026 (Google Cloud)

Third-party software compromises have overtaken weak credentials as the primary entry point for cloud attacks.

The cloud attack shift:

• Threat actors exploited third-party software-based entry 44.5% of the time, up from 2.9% in H1 2025.
• Threat actors targeted data in 73% of cloud-related incidents.
• 21% of investigated incidents involved compromised trusted relationships with third parties.

Read the full report here.

Email Threats

State of the AI Threat in Email (AegisAI)

AI-powered phishing is here, and email filters are not used to it.

The AI phishing explosion:

• AI-generated email attacks grew 5x in 2025.
• AI-generated emails are 75% more effective at evading traditional email filters.
• AI-generated emails reach the inbox more than half the time.

Read the full report here.

Synthetic Media

How Synthetic Media Is Reshaping Digital Trust (DuckDuckGoose)

Fake identity scams are now an industrial operation.

The synthetic identity factory:

• 55+ new synthetic media generators were released in Q4 2025.
• 1,030% growth in image-to-video models since 2024.
• 868,000 synthetic model variants are created monthly.

Read the full report here.

AI

The ROI of Gen AI and Agents 2026 (Snowflake)

AI is creating more jobs than it eliminates, with organizations reporting positive returns on their AI investments.

The AI workforce picture:

• 77% of organizations report AI-driven job creation, compared to 46% reporting job losses. Among those experiencing both, 69% say the net impact has been positive.
• 53% of respondents say they use gen AI in cybersecurity.
• 61% said help desk and ticket automation is the leading IT and cybersecurity use case for gen AI.

Read the full report here.

The Agentic Coding Security Report (DryRun Security)

AI coding agents are shipping vulnerabilities at scale.

The AI code security crisis:

• 26 of 30 pull requests (87%) introduce at least one vulnerability.
• No AI coding agent evaluated (Claude, Codex, Gemini) produced a fully secure application.
• Four authentication weaknesses appeared in every final codebase: insecure JWT verification, no brute force protections, token replay exposure, and insecure refresh token cookie defaults.

Read the full report here.

Wireless Security

The State of Wireless Security in 2026 (Bastille)

Wireless vulnerabilities (Wi-Fi, Bluetooth, cellular, IoT protocols) are rising at a rate that makes conventional threat growth look glacial.

The wireless vulnerability surge:

• Researchers discovered an average of 2.5 new wireless vulnerabilities per day in 2025.
• Wireless vulnerabilities grew 20 times faster than conventional threats over the last 15 years.
• Wireless vulnerabilities have grown more than 230-fold since 2010.

Read the full report here.

Browser Security

2026 Browser Attack Techniques (Push Security)

Attackers are bypassing email entirely and using search engines to deliver malware through browsers.

The browser as an attack vector:

• 1 in 3 payloads intercepted by Push in 2025 were sent outside of email.
• 95% of in-browser attacks detected by Push used some form of bot protection service.
• 4 in 5 ClickFix payloads were accessed via search engines, the result of malvertising or infected webpages.

Read the full report here.

Data Trends and Risk Patterns in Global Online Traffic (Fingerprint)

Browser tampering rates on desktops have nearly doubled as VPNs have become mainstream and fraudsters have grown more sophisticated.

The desktop fraud surge:

• 4.4% of desktop browser sessions in 2025 showed signs of tampering.
• The rate of browser tampering on desktops nearly doubled between 2024 and 2025.
• 96% of detected automated activity on desktop devices is associated with fraudulent or abusive behavior.

Read the full report here.

Fraud

The SentiLink Fraud Report, 2H 2025 (SentiLink)

Benchmarking based on 236+ million account applications across credit cards, auto lending, consumer lending, DDAs, and telecom.

The fraud surge:

• Identity theft rates peaked at 6.75% in the week of Christmas 2025.
• A bot attack briefly pushed identity theft rates at one major auto-lending partner to nearly 35%.
• Demand Deposit Account (DDA) identity theft averaged above 10%, a new high for the industry.

Read the full report here.

Midmarket Security

The Security Middle Child Report (Intruder)

Midmarket security leaders feel confident about threat detection and response, even when data points the other way.

The midmarket confidence paradox:

• 94% of midmarket security leaders are confident in their ability to identify and remediate critical risks before attackers exploit them.
• 51% say it would take approximately a week to assess their exposure to a critical zero-day.
• 46% say enterprise platforms assume more staff, budget, or complexity than they can support.

Read the full report here.

Industry-Specific

State of Third-Party Risk Management 2026 (Ncontracts)

Financial institutions are managing hundreds of vendors with skeleton crews and little confidence in their AI oversight.

The TPRM staffing crisis:

• 63% of TPRM programs operate with just one or two dedicated full-time employees.
• 53% of TPRM programs manage 300 or more vendors.
• Financial institutions using manual TPRM processes are 71% more likely to receive exam findings.

Read the full report here.

Cybersecure 2026 Report (Clever)

School districts are facing an escalating cybersecurity crisis driven by AI risks and vendor compromises.

The K-12 security breakdown:

• 52% of U.S. school districts experienced a cybersecurity incident in 2025, up from 36% in 2024 and 31% in 2023.
• Vendor-related cybersecurity incidents among school districts rose from 4% in 2023 to 32% in 2025.
• 80% of U.S. school districts believe AI is increasing their cybersecurity risk.

Read the full report here.

HIMSS 2026 Microsegmentation Survey on Healthcare (Elisity)

Healthcare organizations struggle to protect the medical devices that keep patients alive.

The medical device blind spot:

• 60% of healthcare leaders flag their inability to protect unpatchable or agentless devices as a critical or significant limitation.
• 56% report poor visibility of devices and asset inventory as a critical or significant limitation.
• 76% say it is highly important that a microsegmentation solution avoids disruption to clinical or operational workflows.

Read the full report here.

Regional Security Trends

Australia’s Cybersecurity Paradox (KnowBe4)

Australians are confident they can spot threats. Their actual security practices tell a different story.

The confidence-behavior gap:

• 76% of Australians feel confident spotting cyber threats.
• 66% of Australians reuse passwords across multiple online accounts.
• 53% of employed Australians prioritise protecting work accounts over personal accounts.

Read the full report here.