**Cyber Threats in 2026: Expert Reveals What Comes Next**

The year 2025 was marked by a record number of data breaches, with even the biggest corporations and governmental institutions falling victim to cyber attacks. According to Cyble's Global Cybersecurity Report 2025, nearly 15,000 incidents related to data breaches and leaks were reported. One of the most notable hacks occurred against Australian airline Quantas, where hackers exposed the personal data of 5 million customers, including names, birth dates, email addresses, and more. This data was then sold on the dark web.

Other notable cases included companies like Oracle, Volvo, and SK Telecom, which suffered from data leaks or frozen business operations due to cyber attacks. In the summer, security researchers uncovered the largest data breach in history, exposing 16 billion passwords across various platforms, including Apple, Facebook, Google, Telegram, and more.

Government institutions were also targeted by hackers, with the US Congressional Budget Office being one of the most recent victims. According to Cyble's report, government institutions were among the top three in terms of overall threat activity. Cybercriminals also directly targeted users, with over 120,000 cameras hacked for "sexploitation" footage in South Korea.

As we move into 2026, cybersecurity experts warn that threats will escalate due to AI-powered attacks, advanced deepfakes, and a new risk called "digital body snatching," where hackers target personal data from wearables and connected health devices. Konstantin Levinzon, co-founder and CEO of Planet VPN, believes this trend will pose even bigger risks in 2026.

"Even though AI improves our daily lives and strengthens cybersecurity, it is also widely used by hackers," Levinzon says. "Now, even those without technical expertise can buy tools on the dark web that target thousands of users with a single click. The rise of AI-powered tools will amplify all kinds of attacks, including phishing scams, ransomware, and exploiting vulnerabilities."

Levinzon notes that up until now, AI has been used by cybercriminals as a tool to organize and speed up attacks. However, with rising agentic AI capabilities, AI will inevitably start attacking autonomously.

"AI tools will scan for weaknesses and exploit zero-day flaws – security gaps that are unknown to vendors – without a human touching a keyboard," Levinzon observes. "As our homes, workplaces, and infrastructure are increasingly run by AI, any security gap becomes a potential attack vector. We will almost certainly see such autonomous attacks next year."

Deepfakes, or AI-generated fake videos, audio files, or images used to impersonate people, are becoming a headache for banks and other businesses as they allow bypassing online verification. An insurance company has even started offering coverage for incidents where AI deepfakes cause reputational harm for companies.

Individual users are also at risk, with the FBI recently warning about criminals generating fake images of kidnapping to scam victims. Levinzon emphasizes that the real rising threat is fake video-generated content:

"In 2025, video generators such as OpenAI's Sora showed how easy it is to create highly realistic videos, and cybercriminals will use them to their advantage," Levinzon says. "As a result, banks and other financial institutions will likely take precautions to enhance their security measures to protect video verification processes. Regulations will likely follow quickly." For users, this may mean additional steps to confirm their identity.

Millions of smartwatches, rings, AI wearables, and even new mattresses come equipped with large amounts of sensors that collect everything – from location data to heart rate information. As the number of these sensors increases, they become attractive targets for cybercriminals.

According to Levinzon, once hackers gain access to a smartwatch or any device, they can exfiltrate data easily, especially if the devices are not purely secured. Such data can also be gathered via cloud or app data leaks, exploiting Bluetooth attacks, and more:

"Potential wearable hacks, deepfakes, and autonomous AI systems mean that next year, users will need to take extra steps and security measures," Levinzon warns. "Aside from staying vigilant, we also recommend enabling two-factor authentication, updating software regularly, and using a VPN, which adds an essential layer of defense against hackers."

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. He specializes in science, technology, environmental, business, and health journalism, and is additionally a practicing microbiologist and author.