Check Point Research, the Threat Intelligence arm of Check Point Software Technologies, released its Global Threat Intelligence Report for October 2025, revealing that organisations worldwide each faced an average of 1938 cyberattacks per week. This represents a 2% increase from September and a 5% year-over-year rise, reflecting a continued escalation in global cyberthreats driven by the expansion of ransomware and risks associated with Generative AI (GenAI).
For the first time this year, Africa was pipped to the post as the most attacked region by Latin America, which averaged 2966 attacks per organisation per week (+16% YoY). Africa followed with (2782, – 15%) and APAC (2703, – 8%). Europe saw a moderate 4% rise, while North America recorded the steepest increase with 18% year-over-year growth, driven in part by intensified ransomware threats.
Of the four African countries covered in the report, Angola averaged 3254 attacks per organisation per week (-53% YoY), followed by Kenya at 2939 attacks per organisation per week (-17% YoY), Nigeria 2779 attacks per organisation per week (-33% YoY) and South Africa at 1878 attacks per organisation per week (+9%).
GenAI Adoption Drives New Data Exposure Risks
As the enterprise use of Generative AI (GenAI) tools expands rapidly, Check Point Research has identified an increasing exposure to sensitive data. In October, one in every 44 GenAI prompts submitted from enterprise networks posed a high risk of data leakage, impacting 87% of organisations that regularly use GenAI. An additional 19% of prompts contained potentially sensitive information such as internal communications, customer data, or proprietary code.
These risks coincide with an 8% increase in average daily usage among corporate users. Notably, there is a relative increase in the exposure of source code and credentials compared to other data types such as PII and financial information. While some usage occurs through managed tools, organisations still average 11 different GenAI tools per month – most of which are likely unsupervised.
The Education sector remained the most targeted globally, averaging 4470 weekly attacks per organisation (+5% YoY). The Telecommunications industry followed with 2583 weekly attacks (+2% YoY), while Government institutions faced 2550 attacks per week (–2% YoY), reflecting ongoing targeting of critical services and data-rich environments. Also important to note is the high 40% YoY increase in the Hospitality sector, as we near the holiday season, climbing from 8th to 5th in the top attacked industries in October.
Ransomware activity spikes 48%
Ransomware remained one of the most damaging cyberthreats, with 801 publicly reported incidents globally in October, marking a 48% YoY increase. North America accounted for 62% of all reported cases, followed by Europe (19%). The United States alone represented 57% of global incidents, followed by Canada (5%) and France (4%). By industry, Business Services (12%), Consumer Goods & Services (10,5%), and Industrial Manufacturing (10,4%) were the most impacted.
The leading ransomware groups in October were Qilin (22,7%), Akira (8,7%), and Sinobi (7,8%), collectively responsible for nearly 40% of reported attacks.
Omer Dembinsky, data research manager at Check Point Research, says. “October’s data shows that, along with the overall number of attacks climbing, the real concern is in the eventual results shown, for example, in the surge of successful ransomware attacks. In addition, the risks of data exposure via Generative AI and other means threaten to provide the attackers with additional tools to carry out future attacks. This evolution creates new challenges for defenders. The only effective approach is prevention-first, powered by real-time AI and proactive threat intelligence to block attacks before they cause damage.”
For the full October 2025 Global Threat Intelligence Report and additional insights, visit the Check Point Blog.
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version