Staying informed about the latest trends in cybersecurity threats is crucial for both individuals and organizations. Here are some of the most significant trends and threats that cybersecurity experts and Redditors have highlighted:

Rise of AI-Enabled Attacks

• AI-Enabled Hacking: Many experts predict that by the end of 2026, most hacking attacks will be AI-enabled, making them more sophisticated and harder to detect. "Most hacking attacks are AI-enabled by end of 2026!"

• AI-Based Phishing and Deepfakes: The use of AI in phishing, deepfake, and other identity-based threats is expected to increase significantly. "Rise in AI-based phishing, deepfake and other identity based threats"

Ransomware Evolution

• Sophisticated Ransomware: Recent cases show that ransomware has evolved to not only encrypt data but also to threaten the public exposure of sensitive information. "Ransomware attacks: Recent cases show that ransomware has evolved not only to encrypt data but also to threaten public exposure of sensitive information."

• Ransomware-as-a-Service (RaaS): The emergence of RaaS makes it easier for cybercriminals to deploy ransomware, increasing the frequency and impact of these attacks. "I think the biggest cybersecurity threat businesses face today is ransomware."

Phishing and Social Engineering

• Phishing-as-a-Service (PhaaS): PhaaS has exploded, making it easier for bad actors to launch convincing attacks. "Phishing-as-a-Service (PhaaS) exploded in 2025, making it easier for bad actors to launch convincing attacks."

• Sophisticated Phishing: There has been an increase in sophisticated phishing emails targeting both individuals and organizations. "Phishing campaigns: There has been an increase in sophisticated phishing emails targeting both individuals and organizations."

Insider Threats

• Data Breaches by Internal Actors: Data breaches caused by internal actors remain a significant concern, whether due to deliberate sabotage or careless handling of sensitive information. "Insider threats: Data breaches caused by internal actors remain a concern."

• Rise in Insider Risks Due to Gen AI: The use of generative AI by employees can lead to increased insider risks if not managed properly. "Rise in insider risks due to Gen AI"

Supply Chain Attacks

• Software Supply Chain Compromises: Supply chain attacks, especially from nation-state actors like North Korea, are becoming more prevalent. "Supply-chain attacks (especially North Korea)."

• AI-Generated Code and Dependencies: AI can be used to poison supply chains with malicious code and dependencies. "Supply-chain poisoning via AI-generated code and dependencies."

Malware Evolution

• Evasive Malware: New malware variants are increasingly able to evade traditional antivirus software, highlighting the need for proactive monitoring and threat intelligence. "Malware evolution: New malware variants are increasingly able to evade traditional antivirus software."

Human Factor

• Human Error and Weakest Link: People remain the weakest link in cybersecurity, with many incidents caused by human error rather than sophisticated attacks. "It's people as always. The weakest link."

• Stupidity of People: Employees often put sensitive data into AI tools, causing data exposure risks. "The biggest risk is stupidity of people, no matter what you put in, people will put sensitive data into AI."

Overhyped Trends

• AI Overhype: Many Redditors are tired of hearing about AI being used for things that are completely unrelated to AI. "I'm sick of 'AI' being used for things that are completely unrelated to AI."

• SIEM is Dead: Despite the buzz, some Redditors believe that the statement "SIEM is dead" is overhyped. "I am pretty tired of hearing many different companies say 'SIEM IS DEAD'."

Subreddits for Further Questions

• r/cybersecurity

• r/CyberSecurityJobs

• r/threatintel

• r/Cybersecurity101