Cybersecurity in 2026: AI as Both Sword and Shield

AI hasn’t just impacted cybersecurity recently – it has transformed the entire landscape. What was once a battle between human attackers and defenders has become an AI-augmented arms race.

ML algorithms now orchestrate attacks as well as defences. Meanwhile, geopolitical tensions have spilt into cyberspace with unprecedented intensity. Regulators worldwide have tightened their grip on digital operations. 

For organisations across every sector, 2025 delivered a sobering message: traditional security models are obsolete. Threats are smarter, stakes are higher, and regulatory scrutiny is more intense than ever before.

The 16 Billion Password Apocalypse

In June 2025, security researchers reported the largest data breach in history: over 16 billion passwords exposed across major platforms like Facebook, Google, Apple, and GitHub due to coordinated infostealer malware campaigns. Attackers not only captured passwords but also authentication cookies and session tokens, bypassing two-factor authentication (2FA). This led to a global surge in credential-stuffing attacks, weaponising this vast trove of stolen data.

UNFI Ransomware: When Groceries Go Dark

The same month saw United Natural Foods (UNFI), a critical U.S. grocery distributor, hit by a ransomware attack that encrypted its systems and halted operations. The ripple effects hit Whole Foods with delivery disruptions and empty shelves. This incident exposed the vulnerabilities of modern supply chains as interconnected digital ecosystems, where a single breach cascades widely. Attackers employed double extortion, threatening to publish sensitive supplier contracts and financial data. 

Collins Aerospace: Grounding Europe's Airports

September brought a cyber attack on Collins Aerospace, disrupting major European airports and causing flight delays, cancellations, and passenger chaos. The attack revealed how reliant aviation systems are on interconnected digital networks and highlighted the risk a single vendor vulnerability can pose to entire sectors. It forced aviation authorities to rethink cybersecurity and vendor risk management strategies.

PromptLock Changes Everything

PromptLock, a project from New York University, introduced the first truly AI-driven ransomware. Unlike traditional malware, PromptLock uses natural language processing to autonomously negotiate with victims, adjust demands based on financial data, craft targeted phishing emails, and learn from interactions, becoming more effective over time. Its real-world deployment in 2025 signalled the obsolescence of traditional defence models, requiring a fundamental rethink of security paradigms.

Deepfakes: 8 Million Reasons to Trust Nothing

Malicious deepfakes surged to 8 million in 2025, used in social engineering attacks that tricked executives into fraudulent wire transfers and compromised video or voice-based authentication systems. CFOs received calls from fake CEOs instructing millions in transfers, and HR departments interviewed entirely synthetic candidates. Facial and voice recognition systems became vulnerabilities rather than protections.