Artificial intelligence is moving to the centre of the cybersecurity conversation as ransomware activity rises, major breaches continue across industries, and governments start tightening oversight of advanced AI systems. What once sat at the edges of security planning is now shaping how attackers operate, how defenders respond, and how policymakers think about risk.
Recent developments show that cyber threats are not only becoming more frequent, but also more adaptive. AI is increasingly being used in both attack chains and defensive workflows, while ransomware groups continue to target organisations across sectors with extortion, disruption, and data theft.
Ransomware Pressure Builds
Check Point Research reported a 48% rise in ransomware attacks in May 2026, even as overall cyberattack activity eased during the month. The education sector remained the most targeted globally, followed by government and telecommunications organisations.
That trend was reflected in several high-profile incidents. 7-Eleven confirmed a breach linked to ShinyHunters, while Foxconn was reportedly hit by an extortion attack in which threat actors claimed to have stolen millions of files. These cases show that ransomware operators are continuing to widen their target set, moving across consumer, industrial, and technology sectors.
AI Moves Into the Security Debate
AI is no longer just a tool for productivity and automation; it is now a policy issue in its own right. Anthropic recently faced U.S. government restrictions on access to Claude Fable 5 and Mythos 5, underscoring how frontier AI models are increasingly being viewed through a national-security lens.
At the same time, lawmakers are debating frameworks to govern advanced AI systems. A draft of the Great American AI Act proposes a federal AI governance structure with transparency requirements, incident reporting, and verification rules, signalling that regulators now see AI risk as inseparable from cyber risk.
Breaches Show the Stakes
The latest wave of cybersecurity incidents also includes major data exposure cases. Chrome Holding, formerly 23andMe, is facing legal action in California over a breach that allegedly exposed family and genetic information belonging to nearly seven million customers.
Carnival Cruises said nearly six million passengers may have had personal information exposed after attackers used social engineering to gain access to its systems. GitHub also reported an incident in which attackers allegedly used a Visual Studio Code extension to compromise an employee device and access thousands of internal repositories.
The Bigger Shift
Taken together, these developments point to a cybersecurity landscape where AI, regulation, ransomware, and data protection are becoming tightly linked. Organisations are no longer dealing with isolated threats; they are dealing with a threat environment that learns, scales, and adapts quickly.
That makes resilience more important than ever. The organisations most likely to stay ahead will be the ones that treat AI not as a side issue, but as a core part of both attack defence and long-term security strategy.
