One in every 35 GenAI prompts posed a high risk of data leakage, impacting 87% of organisations that use GenAI regularly
Check Point Research, the Threat Intelligence arm of Check Point Software Technologies Ltd. released its Global Threat Intelligence insights for November 2025, revealing that organisations worldwide each faced an average of 2,003 cyberattacks per week.
This represents a 3% increase from October and a 4% rise year-over-year, reflecting a continued escalation in global cyber threats driven by ransomware expansion and risks linked to Generative AI (GenAI).
Of the four African countries included in the report, Angola faced 4,251 attacks per organisation per week, followed by Nigeria at 3,374, Kenya at 2,384, and South Africa at 1,863 attacks per organisation per week. Overall, attacks in Africa declined by 13% YoY. In terms of African industry sectors, government, financial services, and consumer goods and services were the most attacked in November.
GenAI Adoption Drives New Data Exposure Risks while Education Remains the Top Target
With enterprise use of Generative AI (GenAI) tools expanding rapidly, Check Point Research identified increasing exposure to sensitive data. On November, 1 in every 35 GenAI prompts submitted from enterprise networks posed a high risk of data leakage, impacting 87% of organisations that use GenAI regularly and underscoring how deeply AI has become embedded in daily workflows.
An additional 22% of prompts contained potentially sensitive information such as internal communications, customer data, proprietary code, or personal identifiers. While some usage occurs through managed tools, organisations still average 11 different GenAI tools per month, most of which are likely unsupervised and operating outside formal security governance. Such misuse increases the likelihood of accidental data exposure, leading organisations to higher risk of malicious infiltration, ransomware and AI-powered cyberattacks.
The Education sector remained the most targeted globally, averaging 4,656 weekly attacks per organisation (+7% YoY). Government institutions followed with 2,716 weekly attacks (+2% YoY), while Associations & Non-profits saw a dramatic increase with 2,550 attacks per week, marking a 57% year-over-year surge.
Regionally, Latin America reported the highest attack volumes, averaging 3,048 attacks per organisation per week (+17% YoY). APAC maintained the level of attacks (–0.1% YoY), Africa declined (–13% YoY), Europe experienced a slight 1% decrease, and North America recorded a 9% year-over-year rise, driven in part by intensified ransomware activity.
Ransomware Threat Landscape: Activity Spikes 22% Year-over-Year
Ransomware remained one of the most damaging cyber threats, with 727 publicly reported incidents globally in November, marking a 22% year-over-year increase. North America accounted for 55% of all reported cases, followed by Europe at 18%. The United States alone represented 52% of global incidents, followed by the United Kingdom (4%) and Canada (3%).
By industry, Industrial Manufacturing (12%), Business Services (11%), and Consumer Goods & Services (10%) were the most impacted sectors.
The leading ransomware groups in November were Qilin (15%), Clop (15%), and Akira (12%), collectively accounting for a substantial portion of victim disclosures.
Omer Dembinsky, Data Research Manager at Check Point Research, says: “November’s data shows that along with the overall number of attacks continuing to rise, we see additional concern in the increasing sophistication behind these operations. The combination of ransomware growth and GenAI-related data exposure provides attackers with more tools and opportunities to execute damaging campaigns. The only effective approach is prevention-first, powered by real-time AI and proactive threat intelligence to block attacks before they cause harm”.