IBM Finds 44% Surge in Application Attacks, 49% Ransomware Group Jump
IBM's 2026 X-Force Threat Intelligence Index reports a 44% rise in attacks exploiting public-facing applications and a 49% year-over-year jump in active ransomware and extortion groups. Supply-chain and third-party compromises have nearly quadrupled since 2020, while vulnerability exploitation drove 40% of incidents in 2025.
1. X-Force Threat Index Highlights
The X-Force Threat Intelligence Index shows a 44% increase in attacks exploiting missing authentication on public-facing applications, a 49% surge in active ransomware and extortion groups, and a nearly fourfold rise in supply-chain and third-party compromises since 2020.
2. AI-Driven Attack Acceleration
Vulnerability exploitation accounted for 40% of incidents in 2025, with AI tools enabling rapid scanning-to-impact cycles and infostealer malware exposing over 300,000 ChatGPT credentials, underscoring new identity risks in enterprise AI platforms.
3. Client Recommendations and Next Steps
IBM advises clients to adopt proactive, agentic-powered threat detection and response, enforce strong authentication and conditional access for AI services, and secure CI/CD pipelines. An informational webinar is scheduled for March 17 to discuss detailed mitigation strategies.