Global cyberattacks surge in November 2025 as ransomware and GenAI risks spike
ADVERTISEMENT
In November 2025, global cyber activity continued its upward trend, with organisations experiencing an average of 2,003 cyber-attacks per week. This represents a 3% increase from October, and a 4% rise compared to November 2024.
As per Check Point Research, it reasons that the steady escalation reflects a threat landscape shaped by intensified ransomware activity, attack surfaces, and the growing exposure risks associated with generative AI tools inside organisations.
The United States dominated the victim landscape with 52% of global cases, while the United Kingdom and Canada followed distantly at 4% and 3%, respectively.
The education sector remained the most targeted industry worldwide, marking a 7% year-over-year increase with an average of 4,656 attacks per organisation per week. It was followed by government entities, which experienced 2,716 weekly attacks (+2% YoY), closely followed by associations and non-profit organisations with 2,550 attacks per week, recording a striking 57% YoY surge.
From an industry perspective, industrial manufacturing emerged as the hardest-hit sector, representing 12% of all reported victims, as attackers continue exploiting operational dependencies and legacy systems. The Business Services sector followed closely at 11%, with consumer goods & services at 10%.
December 2025
The annual Fortune 500 India list, the definitive compendium of corporate performance, is out. This year, the cumulative revenue of the Fortune 500 India companies has breached $2 trillion for the first time. Plus, find out which are the Best B-schools in India.
In terms of geography, Latin America recorded the highest number of attacks per organisation in November, with an average of 3,048 weekly attacks, marking a 17% YoY increase, the largest rise globally. APAC followed with 2,978 attacks (–0.1% YoY), maintained the level of attacks, while Africa registered 2,696 attacks (–13% YoY). Europe saw a slight dip (–1% YoY), whereas North America experienced a 9% YoY increase making it as a major target for sophisticated and financially motivated threat groups.
“Over the past year, we have seen a trend of convergence in the number of attacks in the different regions of the world, with the gap between the bottom and top attacked regions narrowing from almost triple to only twice as high. While in a specific month we may see one region shift upwards or downwards – we can see all are heavily impacted and shifting closer towards the global average,” the study said.
Significant data-exposure risks have been introduced due to the widespread enterprise adoption of generative AI tool. In November 2025, Check Point observed that 1 in every 35 GenAI prompts carried a high risk of sensitive data leakage, impacting 87% of organisations that use GenAI regularly and underscoring how deeply AI has become embedded in daily workflows. An additional 22% of prompts contained potentially sensitive information such as internal communications, enterprises data, proprietary code, or personal identifiers. While some usage occurs through managed tools, organisations still average 11 different GenAI tools per month, most of which are likely unsupervised and operating outside formal security governance. Such misuse increases the likelihood of accidental data exposure, leading organisations to higher risk of malicious infiltration, ransomware and AI-powered cyberattacks.
Ransomware activity intensified notably in November 2025, with 727 reported attacks, marking a 22% rise compared to the same period last year. North America remained the epicentre of ransomware activity, accounting for 55% of all disclosed incidents, followed by Europe with 18%.