- Malware email attacks surge 131% year-over-year, accompanied by a rise in scams (+35%) and phishing (+21%)
- 77% of CISOs identified AI-generated phishing as a serious and emerging threat
- 68% of organisations invested in AI-powered protection in 2025
HANOVER, Germany, Nov. 19, 2025 /PRNewswire/ -- In a year defined by acceleration, Hornetsecurity's annual Cybersecurity Report revealed that threat actors embraced automation, artificial intelligence, and social engineering at unprecedented speed, while defenders raced to adapt governance, resilience, and awareness programmes to match.
Analysis of over 6 billion emails processed monthly (72 billion annually) confirmed that email was a consistent delivery vector for cyber-attacks in 2025. Malware-laden emails surged by 131% year-over-year, accompanied by a rise in both email scams (+34.7%) and phishing (+21%).
Threat actors were enabled to create even more convincing fraudulent content thanks to generative AI, with more than three-quarters of CISOs (77%) identifying AI-generated phishing as a serious and emerging threat. Nevertheless, defence teams are catching up, with 68% of organisations invested in AI-powered detection and protection capabilities against such threats this year.
Commenting on these findings, Daniel Hofmann, Hornetsecurity CEO, said: "AI is both a tool and a target, and attack vectors are expanding faster than many realise. The result is an arms race where both sides are using machine learning. On one side, the goal is to deceive; on the other, to defend and forestall.
"Attackers are increasingly using generative AI and automation to identify vulnerabilities, craft more convincing phishing lures, and orchestrate multi-stage intrusions with minimal human oversight."
AI's emerging cybersecurity threats: synthetic identity fraud, deepfakes & more
AI's potential for misuse has become a defining feature of the threat landscape, with 61% of CISOs believing AI has directly increased ransomware risk. For CISOs, the most pressing concerns include synthetic identity fraud, which uses AI to generate documents and credentials; voice cloning and deepfake videos to impersonate users; model poisoning, in which malicious data corrupts internal AI systems; and the employee misuse of public AI tools.
These emerging technologies blur the line between legitimate and malicious activity, making traditional security controls less effective, especially as cybercriminals seek to compromise trust rather than forced access.
The AI leadership awareness gap
Yet even as companies strengthen their recovery capabilities, many risk guarding an old goalpost. The next wave of attacks will target something less tangible but more powerful, and that is trust.
CISOs highlighted a wide disparity in leadership's understanding of AI-related risks this year. Some reported that their C-suite executives had a "deep awareness" to "no real understanding" of AI's role in such attacks. The median response across the board, however, was that there was some awareness, but it is clear that progress was inconsistent and varied widely from business to business.
Looking ahead, resilience, driven by a cultural change rather than prevention alone, will define cybersecurity success in 2026.
Hofmann adds, "The results of our report demonstrate that organisations are learning to recover without negotiating. But in-house security awareness efforts need to evolve at the pace of AI adoption.
"Few boards run cyber crisis simulations, and cross-functional playbooks remain the exception rather than the rule. As AI-driven misinformation and deepfake extortion become more commonplace, a security culture of readiness, backed by an awareness of AI and the possibilities it creates, will have to be a focus for 2026."
To read the full Cybersecurity Report, including its 2026 predictions, please click here.
About the survey
The study was conducted by the Hornetsecurity Security Lab, which reviewed over 72 billion emails that were processed through Hornetsecurity's security services during the reporting period (15 October 2024 - 15 October 2025).
About Hornetsecurity
Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 120 countries through its international distribution network of 12,000+ channel partners and MSPs. Its premium services are used by more than 125,000 customers.
Content Authenticity Statement
GenAI has not been used to write this press release.
Infographic - https://mma.prnewswire.com/media/2824962/Hornetsecurity_1.jpg
Infographic - https://mma.prnewswire.com/media/2824963/Hornetsecurity_2.jpg
Logo - https://mma.prnewswire.com/media/2811982/5626574/Hornetsecurity_Logo.jpg
View original content:https://www.prnewswire.co.uk/news-releases/malware-attacks-see-131-spike-in-2025-leading-cybersecurity-report-finds-302619031.html
