Global cyber threats continued their upward trajectory in November 2025, with organisations worldwide facing an average of 2,003 cyberattacks per week, according to the latest Global Threat Intelligence report from Check Point Research.
This figure represents a 3 percent increase from October and a 4 percent rise compared to the same period last year, underscoring the escalating sophistication and frequency of cyberattacks driven by ransomware proliferation and emerging risks linked to Generative AI (GenAI).
The report highlighted Africa’s evolving cyber threat landscape, identifying Nigeria as the continent’s second most targeted country. Nigerian organizations experienced 3,374 attacks per organisation per week, trailing only Angola, which topped the list at 4,251 attacks. Kenya recorded 2,384 weekly attacks, while South Africa reported 1,863. Despite these high per-organization attack rates, Africa overall saw a 13 percent decline in attacks year-over-year. Key sectors under assault included government institutions, financial services, and consumer goods and services.
Generative AI adoption in enterprise networks has emerged as a double-edged sword, providing operational efficiencies while exposing organisations to significant data risks.
Check Point Research found that on November 1, in every 35 AI prompts submitted from enterprise systems, a high-risk data exposure occurred. About 87 percent of organisations using GenAI regularly were affected, highlighting how deeply AI tools have integrated into routine workflows. Furthermore, 22 percent of prompts included potentially sensitive data such as internal communications, customer information, proprietary code, or personal identifiers.
With organisations averaging 11 GenAI tools monthly with many likely unsupervised and outside formal security governance, the potential for accidental data leaks and subsequent ransomware or AI-powered attacks is markedly increased.
Sector-specific analysis revealed that the Education sector remained the most attacked globally, with an average of 4,656 weekly attacks per organisation, up 7 percent year-over-year. Government institutions followed with 2,716 weekly attacks (+2% YoY), while Associations & Non-profits saw an alarming 57 percent surge, averaging 2,550 attacks per week.
Regionally, Latin America led in attack volumes, with 3,048 attacks per organisation weekly (+17% YoY). In contrast, APAC held steady (–0.1% YoY), Europe experienced a slight decline of 1 percent , and North America recorded a 9 percent increase, largely fueled by intensified ransomware campaigns.
Ransomware continued to pose one of the most damaging cyber threats. November saw 727 publicly reported incidents globally, a 22 percent increase compared to the previous year. North America accounted for 55% of these cases, with the United States alone representing 52 percent, followed by the United Kingdom (4%) and Canada (3%). Industry-wise, Industrial Manufacturing (12%), Business Services (11%), and Consumer Goods & Services (10%) were the hardest hit. The leading ransomware groups the report noted include Qilin, Clop, and Akira, together represented a substantial share of reported victimisations, accounting for 42 percent of incidents.
Omer Dembinsky, data research manager at Check Point Research, emphasised the rising sophistication of attacks, stating, “November’s data shows that not only is the number of attacks continuing to rise, but attackers are leveraging more advanced techniques. The combination of ransomware growth and GenAI-related data exposure equips threat actors with powerful tools to launch damaging campaigns. The most effective defense remains prevention-first, underpinned by real-time AI and proactive threat intelligence to block attacks before they cause harm.”
The findings underscore an urgent need for organisations, particularly in Africa, to strengthen cybersecurity frameworks, implement AI governance policies, and prioritise real-time threat monitoring to mitigate the increasing risk posed by cybercriminals.
