The cyber threats to watch in 2026 – and other cybersecurity news

Accelerating AI adoption, geopolitical fragmentation and widening cyber inequity are reshaping the global risk landscape, finds the latest Global Cybersecurity Outlook from the World Economic Forum.

Based on data from 800 global leaders, the 2026 report reveals that as attacks grow faster, become more complex and unevenly distributed, organizations and governments face rising pressure to adapt amid persistent sovereignty challenges and widening capability gaps. In the face of these challenges, three clear themes emerge:

When it comes to AI cybersecurity readiness, the data indicates a mixed picture. While the percentage of respondents assessing the security of AI tools ahead of deployment has nearly doubled over the past year (from 37% to 64%), 87% of leaders see AI-related vulnerabilities as the fastest-growing cyber risk.

When considering mitigation strategies, respondents are most likely to focus on geopolitically motivated attacks, the report says. In fact, 91% of organizations with over 100,000 employees have evolved their strategy because of geopolitical volatility.

There are also wide variances between different regions’ confidence that national cyber responses would protect critical infrastructure. While 84% of respondents in the Middle East and North Africa believe their countries are prepared, just 13% of those in Latin America and the Caribbean share this level of belief.

The regional contrasts underscore the importance of context in shaping cyber resilience. To gain deeper insights into how risks, preparedness levels and strategic priorities vary across different parts of the world and what this means for collaboration and collective action, explore these regional analyses of the Global Cybersecurity Outlook 2026.

Almost three-quarters of respondents (73%) say that someone in their network was personally affected by cyber-enabled fraud in 2025, with phishing (fraudulent emails), vishing (voice call scams), and smishing (text message scams) being the most common methods. When looking at organizations' preferred risk responses, a clear gap emerges between CEOs and CISOs, with the former most concerned over cyber-enabled fraud and phishing, and the latter ranking ransomware attacks as the greatest risk.

Following the report’s launch, I explored the key findings with an expert panel in a LinkedIn Live session. Participants agreed that collaboration will be vital over the coming years - organizations and governments must find ways to work together to strengthen baseline cybersecurity.

The US Federal Communications Commission (FCC) has urged telecoms businesses to strengthen their cybersecurity, citing recent data that revealed a fourfold increase in ransomware attacks since 2021.

In a 29 January alert, the Commission's Public Safety and Homeland Security Bureau warned: “Recent events show that some US communications networks are vulnerable to cyber exploits that may pose significant risks to national security, public safety and business operations."

Specifically, the bureau noted a rise in incidents involving small-to-medium-sized providers that disrupted service and locked companies out of critical files.

The guidance includes measures for both the prevention of attacks and the structured handling of active incidents:

Google has been given unconditional approval by the European Commission for its $32 billion acquisition of cybersecurity firm Wiz. The company’s biggest ever deal was given the go-ahead on 10 February after regulators said it would not raise competition concerns. "Google stands behind Amazon and Microsoft in terms of market shares in cloud infrastructure, and our assessment confirmed that customers will continue to have credible alternatives and the ability to switch providers," EU antitrust chief Teresa Ribera said in a statement.

Smartphone makers could be required to share source code with the Indian government and make software changes under new security proposals. The package of 83 security standards forms part of Prime Minister Narendra Modi’s plans to improve user data security in the face of rising data breaches and online fraud, according to Reuters. The plans are said to have drawn opposition from some manufacturers, citing risks to proprietary details.

Dutch telecoms company Odido has confirmed it has been affected by a cyberattack, with personal information from more than six million accounts being exposed. Stolen information has included customer names, telephone numbers, email addresses, bank account numbers and passport numbers. The company says the attack was first investigated on 7 February, and that “unauthorized access to the system was terminated”.

South Korea has attributed e-commerce retailer Coupang’s data breach to management failures, rather than a sophisticated attack. A former engineer familiar with flaws in the authentication process broke into the system in April, with the breach lasting until November. They attempted to gain access again in January. Speaking at a press conference, Choi Woo-hyuk, Deputy Minister for Cybersecurity and Network Policy, said: "The attacker exploited user authentication vulnerabilities to access user accounts without a proper login and caused large-scale unauthorised information leaks."

Off the ski slopes and beyond the ice rinks, another high-stakes competition is underway: securing the Milan-Cortina Winter Olympics’ cyberspace. With hackers targeting venues, hotels, and digital systems, and AI shaping both attacks and defences, Italian authorities and cybersecurity experts are racing to stay one step ahead. In this article, the Forum's digital editor Spencer Feingold explores the evolving threats and the measures being taken to protect the Games.

From standards bodies to computer emergency response teams, non-profits quietly underpin global cyber resilience in ways governments and markets can’t replicate alone. However, underfunding sees many organizations sit below the "security poverty line". Learn more about how collective investment can improve cyber equity and secure the internet for everyone.

Cybersecurity has moved from a technical concern to a core element of geopolitical competition, shaping how states, companies and societies manage risk and power. Building cyber resilience now depends on collaboration between business and government, as geopolitical shocks and hybrid threats expose deep interdependencies in the digital ecosystem.