CyberSecStats #54 - 80% of AI initiatives fall short, ransomware rebounds, and injection attacks target iOS
CyberSecStats #54 roundup: AI and ML credentials leaked at scale, gen AI initiatives missing KPIs, ransomware up 7% month over month, iOS injection attacks up 1,151%.
This Week’s Cybersecurity Eye-Openers
Three stats from this week worth thinking about.
1. Organizations are leaking AI and ML credentials at scale
41.88% of organizations have leaked AI or ML credentials in production, with 28.49% exposing Hugging Face tokens and 18.39% exposing OpenAI credentials.
2. Most AI initiatives are falling short
90% of organizations are running GenAI at scale, but only 20% of AI initiatives are meeting their KPIs, and 65% of CISOs lack confidence in their data security controls.
3. Ransomware rebounds, and GenAI keeps leaking data
Check Point’s March snapshot shows ransomware up 7% month over month, and 1 in every 28 GenAI prompts still poses a risk of leaking sensitive data.
Big Picture Reports
Threat Intelligence Report 2026 (iProov)
Gen AI is making identity fraud faster, cheaper, and more scalable. iOS devices are suddenly a major target.
iOS is now a major target:
- Injection attacks targeting iOS devices surged by 1,151% in the second half of 2025 compared with the same period in 2024.
- Southeast Asia experienced a 720% spike in attacks in Q3 2025.
- Injection attacks rose 14.9% in the first half of 2025 before surging in the second half.
March 2026 Cyber Threat Landscape (Check Point)
Check Point’s monthly numbers are in. Ransomware bounced back, and GenAI is quietly leaking sensitive data.
The March threat snapshot:
- 672 ransomware attacks were reported globally in March 2026, a 7% increase from February.
- 1 in every 28 GenAI prompts posed a high risk of sensitive data leakage in March 2026.
- The education sector was the most targeted industry, with an average of 4,632 cyber-attacks per organization per week.
AI and API Security
The Impact of Data Trust on AI Initiative Success (MIND and CISO Executive Network)
Most organizations have rushed to deploy AI without the data governance and security foundations to support it. CISOs are struggling to close the gap.
AI is outrunning its own foundations:
- 90% of organizations are running enterprise GenAI at scale.
- Only 20% of AI initiatives meet their intended KPIs.
- 65% of CISOs lack confidence in their data security controls.
AI and Non-Human Identities Are Outpacing Security Controls (Keeper Security)
Non-human and AI-driven identities are operating with privileged access across enterprises. Few are governed properly.
Who is watching the machines:
- 76% of cybersecurity professionals say non-human identities are not consistently governed under privileged access policies.
- Only 28% of organizations report full visibility into non-human identities across cloud, on-premises, and SaaS environments.
- More than 40% experienced a security incident involving non-human identities or credentials in the past year.
The State of AI and API Security, Navigating the Agentic Era (Salt Security)
AI agents are multiplying, and so are the APIs they rely on. Security is not keeping up.
APIs are wide open:
- 99% of API attack attempts originate from authenticated sources.
- 66% of organizations report API growth of more than 50% in the past year.
- Only 8% report advanced API security maturity.
Cloud
Cloud Cost Optimization In 2026 (Azul)
Nearly a quarter of cloud spend is wasted, and CFOs are starting to notice.
Cloud budgets are spiraling:
- 88% of U.S. CFOs and senior finance leaders report that their cloud spending is increasing.
- Average estimated cloud waste sits at nearly a quarter of total spend, equal to 23% of cloud expenditure.
- 66% of CFOs say cloud spend has become a board-level issue.
Application Security
2026 State of Application Security Report (Orca Security)
Cloud and AI adoption keep racing ahead of security basics. The gaps are showing.
The numbers are damning:
- 41.88% of production organizations have leaked AI or ML credentials.
- 46.20% of organizations remain exposed to Log4Shell years after disclosure.
- Over 77% leave high or critical container vulnerabilities unpatched for more than 90 days.
Fraud
Evolving Threats Beneath The Surface (LexisNexis Risk Solutions)
How fraudsters are staying ahead of defenders, with regional trends.
Fraud is transforming:
- Synthetic fraud showed an eight-fold global increase year over year.
- First-party fraud accounts for 38.3% of reported fraud globally and remains the leading fraud type for the second consecutive year.
- Agentic traffic rose 450% between January and December 2025.
Enterprise Perspective
2026 State of Exposure Management (Seemplicity)
Most enterprises say they are using AI for security. Few actually trust what it tells them.
AI adoption beats AI trust:
- 88% of enterprises have integrated AI into their security stacks.
- Only 31% fully trust AI-sourced recommendations to influence prioritization decisions.
- 43% admit their remediation processes are still ad hoc.
Industry-Specific
US Healthcare and Cyber Risk (Resilience)
What is actually driving cyber losses in healthcare, based on real insurance claims.
The healthcare threat picture:
- Individual extortion demands in healthcare reached as high as $4 million in the first half of 2025.
- Social engineering drove 88% of material losses in the first half of 2025, making human error the industry’s single most consequential vulnerability.
- Average claim severity increased from $800,000 in 2024 to more than $2 million per incident in 2025.
