Check Point Research for November reports increased global cyber attacks at 2,003 weekly per organisation as ransomware rises 22% and emerging GenAI threats fuel new data risks

One in every 35 GenAI prompts posed a high risk of data leakage, impacting 87% of organisations that use GenAI regularly 

Johannesburg, SA – December 10, 2025 –Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a pioneer and global leader of cyber security solutions, today released its Global Threat Intelligence insights for November 2025, revealing that organisations worldwide each faced an average of 2,003 cyberattacks per week. 

This represents a 3% increase from October and a 4% rise year-over-year, reflecting a continued escalation in global cyber threats driven by ransomware expansion and risks linked to Generative AI (GenAI).  

Of the four African countries included in the report, Angola faced 4,251 attacks per organisation per week, followed by Nigeria at 3,374, Kenya at 2,384, and South Africa at 1,863 attacks per organisation per week.  Overall, attacks in Africa declined by 13% YoY. In terms of African industry sectors, government, financial services, and consumer goods and services were the most attacked in November.

GenAI Adoption Drives New Data Exposure Risks while Education Remains the Top Target

With enterprise use of Generative AI (GenAI) tools expanding rapidly, Check Point Research identified increasing exposure to sensitive data. On November, 1 in every 35 GenAI prompts submitted from enterprise networks posed a high risk of data leakage, impacting 87% of organisations that use GenAI regularly and underscoring how deeply AI has become embedded in daily workflows. 

An additional 22% of prompts contained potentially sensitive information such as internal communications, customer data, proprietary code, or personal identifiers. While some usage occurs through managed tools, organisations still average 11 different GenAI tools per month, most of which are likely unsupervised and operating outside formal security governance. Such misuse increases the likelihood of accidental data exposure, leading organisations to higher risk of malicious infiltration, ransomware and AI-powered cyberattacks.

The Education sector remained the most targeted globally, averaging 4,656 weekly attacks per organisation (+7% YoY). Government institutions followed with 2,716 weekly attacks (+2% YoY), while Associations & Non-profits saw a dramatic increase with 2,550 attacks per week, marking a 57% year-over-year surge.

Regionally, Latin America reported the highest attack volumes, averaging 3,048 attacks per organisation per week (+17% YoY). APAC maintained the level of attacks (–0.1% YoY), Africa declined (–13% YoY), Europe experienced a slight 1% decrease, and North America recorded a 9% year-over-year rise, driven in part by intensified ransomware activity.

Ransomware Threat Landscape: Activity Spikes 22% Year-over-Year

Ransomware remained one of the most damaging cyber threats, with 727 publicly reported incidents globally in November, marking a 22% year-over-year increase. North America accounted for 55% of all reported cases, followed by Europe at 18%. The United States alone represented 52% of global incidents, followed by the United Kingdom (4%) and Canada (3%).

By industry, Industrial Manufacturing (12%), Business Services (11%), and Consumer Goods & Services (10%) were the most impacted sectors.

The leading ransomware groups in November were Qilin (15%), Clop (15%), and Akira (12%), collectively accounting for a substantial portion of victim disclosures.

Omer Dembinsky, Data Research Manager at Check Point Research, says: “November’s data shows that along with the overall number of attacks continuing to rise, we see additional concern in the increasing sophistication behind these operations. The combination of ransomware growth and GenAI-related data exposure provides attackers with more tools and opportunities to execute damaging campaigns. The only effective approach is prevention-first, powered by real-time AI and proactive threat intelligence to block attacks before they cause harm”.

For additional insights of November 2025 cyber trends, visit the Check Point Blog.

Follow Check Point on LinkedIn, X (formerly Twitter), Facebook, YouTube and our blog.

About Check Point Research

Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs. 

About Check Point Software Technologies Ltd. 

Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading protector of digital trust, utilizing AI-powered cyber security solutions to safeguard over 100,000 organisations globally. Through its Infinity Platform and an open garden ecosystem, Check Point’s prevention-first approach delivers industry-leading security efficacy while reducing risk. Employing a hybrid mesh network architecture with SASE at its core, the Infinity Platform unifies the management of on-premises, cloud, and workspace environments to offer flexibility, simplicity and scale for enterprises and service providers.

Legal Notice Regarding Forward-Looking Statements

This press release contains forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding our products and solutions and Lakera’s products and solutions, our ability to leverage Lakera’s capabilities and integrate them into Check Point, our ability to deliver end-to-end AI security stack, our foundation of the new Check Point’s Global Center of Excellence for AI Security, and the consummation of the acquisition.  Our expectations and beliefs regarding these matters may not materialise, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on March 17, 2025. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.