What’s happening: Cybercriminals are rapidly adopting artificial intelligence to automate and scale their attacks, creating new challenges for businesses in 2026. Small businesses, which often operate with limited budgets and face more vulnerabilities, are at particular risk.
Why this matters: The integration of AI into cybercrime means that attacks are becoming increasingly difficult to detect and more sophisticated. As companies move to web-based work environments and remote models, the attack surface expands, while many organizations leave browsers unprotected, exposing employees to malware and data loss.
Artificial intelligence has become a double-edged sword in the business world. As companies embraced AI-powered tools in 2025, cybercriminals were just as quick to weaponize the technology, according to Andrius Buinovskis, cybersecurity expert at NordLayer, a network security platform for enterprises.
Buinovskis explains that there will be even more AI-powered cyber threats in 2026, in addition to persistent risks that continue to challenge enterprise cybersecurity. He outlines four key threats that companies should keep a close eye on.
AI deepfakes mislead employees
The blurring line between basic and advanced social engineering makes detection and resistance significantly more difficult. Automated deepfake social engineering is a growing concern, allowing cybercriminals to conduct increasingly credible attacks.
“Bad actors could certainly use highly credible videos and phone calls to impersonate CEOs, third-party contractors or other employees to trick staff members into divulging sensitive information, accepting fake invoices or handing over credentials to infiltrate the network and carry out a large-scale attack,” Buinovskis said.
AI-based malware is another growing threat. Google recently identified the first instance of Just-in-Time AI malware, a new type that uses artificial intelligence to dynamically generate malicious code at runtime.
“JIT can dynamically generate malicious code and fly under the radar of traditional antivirus software that relies on static analysis,” says Buinovskis. “The ability to analyze the target’s system in real time and dynamically generate malicious code tailored to specific vulnerabilities, configurations or data makes it possible to conduct highly targeted attacks.”
Ransomware incidents are increasing worldwide
According to research from NordStellar, a threat management platform, ransomware incidents increased by 47% as of September 2025 compared to the same period in 2024. This trend will most likely continue into 2026, especially with AI-powered ransomware.
“Like other cybercriminals, ransomware groups are adopting AI and using it to scale their operations by automating the attacks,” says Buinovskis. “We have already seen how the rise of the ransomware-as-a-service model has lowered the barrier to entry for these attacks, allowing even hackers without the right technical skills to participate.”
If ransomware groups successfully implement AI and increase their efficiency, they will achieve the same profits with fewer staff, resulting in greater financial gain. This could serve as a catalyst for an even bigger ransomware spike in the longer term.
Browser becomes primary target
Malicious browser extensions raised browser security concerns in 2025, but they are not the only browser-related threat. The browser has become a substantial attack surface and the primary target for many dangerous attacks.
“As companies continue to adopt web-based software as a service and abandon the desktop for the web, the cyber risks that await employees in the browser are becoming more prominent and common,” says Buinovskis.
Malicious extensions, various phishing pages and infostealer malware are some of the major threats lurking in the browser, which is becoming the default channel for work-related tasks in many organizations. Although many organizations are moving to a browser-based work environment, it often remains unprotected, leaving more and more employees exposed to malware, browser-based exploits and data loss.
Insider threats cost millions
A study shows that 83% of organizations report experiencing at least one insider attack by 2024. Insider threats are complex and as enterprise attack surfaces continue to expand due to remote or hybrid working models and the introduction of shadow IT and shadow AI, the threat will continue to escalate.
“With so many factors contributing to the complexity of today’s cyber environment, it is becoming increasingly difficult to ensure a high degree of observability of what users are doing and prevent them from circumventing security policies,” says Buinovskis. “As a result, insider activity can go undetected for a significant period of time, enabling even more devastating cyber incidents.”
The current cybersecurity landscape and continued evolution of threats will ultimately lead to more cybersecurity incidents caused by user error, turning more employees into unintentional insiders.
Buinovskis emphasizes that to protect themselves from cyber threats looming in 2026, companies must prioritize developing a comprehensive cybersecurity strategy and increasing employee cybersecurity awareness. He emphasizes that small businesses, which often operate with limited IT budgets and face increased security concerns, should reconsider their cybersecurity policies as they are often the main targets of cybercriminal activity.
Stay up to date with our stories on LinkedIn, Tweet, Facebook And Instagram.
#cyber #threats #companies #ignore