The cyber threat landscape is evolving at an accelerated pace each year, thanks to attackers’ expanding creativity and advances in technology.
The same AI breakthroughs that promise efficiency and automation for businesses are being weaponized by adversaries, creating a perfect storm of risk. From attacker-oriented LLMs to hyper-personalized social engineering, the pace of innovation from threat actors in 2026 will challenge even the most mature security programs.
The researchers and forensics experts behind Varonis Threat Labs study these shifts in cybercrime daily, dissecting attack patterns, vulnerabilities, and loopholes to anticipate what’s next.
We asked the team what they see brewing in the world of cybercrime in 2026, and where organizations need to rethink security. Here’s what they said:
Rise in malicious use of LLMs
In addition to off-the-shelf tools such as Claude or ChatGPT, attackers are building lightweight, locally hosted large language models (LLMs) designed for one purpose: cybercrime. By eliminating or reducing the ethical guardrails built into public AI tools, self-hosted LLMs can more effectively automate components of attack chains, implement offensive security tool integrations, and make sophisticated breaches more accessible to low-skill actors.
In short, the rise of generative AI tooling is massively increasing the efficiency of threat actors. Whether it’s augmenting their recon capabilities, enhancing their phishing effectiveness, or assisting in data analysis, there is no doubt that just as much as it helps defenders, it is also helping attackers.
The dawn of “Promptware”
Promptware is a new class of cyber threats that use malicious natural language instructions to manipulate AI models, essentially acting as “malware for AI.”
As these malicious modules evolve and adapt, they will aid attackers’ operations without restriction. More malware will be either integrated with or entirely based on lightweight LLMs. This will allow attackers to skip the research and development phase of malware and focus mainly on the set of instructions for execution, which the LLM will carry out when running on compromised networks.
Malicious LLMs blend into the ecosystem because everyone is moving toward working with AI. They could be based on known and common open-source projects, which are generally not considered malicious by most, if not all, security controls. By the time those controls detect the rogue LLM, it will probably be too late.
Over-privileged chatbots will ignite data breaches
AI copilots promise efficiency, but they also introduce dangerous blind spots. When chatbots are granted excessive permissions, a single compromised identity can expose sensitive data across platforms.
We’ve shown this risk in controlled environments countless times: one compromised account can lead to the discovery of thousands of overexposed files, including financial records and intellectual property. It’s only a matter of time before this plays out in the real world, and the result will be breaches that cost millions and erode trust.
The rise of targeted attacks on high-value data
Business email compromise (BEC) will continue to focus on stealing and encrypting enterprise data, but attackers will also start to take aim at individuals’ email and data stores, making attacks more focused. We expect to see attackers selectively targeting the victims who keep enterprises running. By compromising those who hold the keys to the kingdom, attackers can steal years of sensitive information, enabling extortion or catastrophic leaks.
Phishing tactics will be harder to spot
Forget typos and awkward phrasing — phishing has entered a new era. In fact, according to our State of Phishing report, there has been a 703% increase in credential phishing in the last year.
AI-powered phishing emails are flawless, contextually accurate, and eerily personal. They mimic colleagues, brands, and even your own writing style. Threat actors also use deepfakes, vishing, and more to add to the confusion. The old “trust what looks right” mindset is gone.
To stay safe, think verification, not speed. If an email asks for credentials, money, or urgent action, confirm the request through a separate channel such as a call, text, or the official app. Type web addresses yourself or use saved bookmarks rather than clicking links. Be cautious with attachments, even if they look routine.
Multifactor authentication (MFA) is also critical because it provides an added layer of security if there is a slip-up. At the end of the day, remember that if something feels off, it probably is. AI makes phishing convincing, but it can’t beat human skepticism.
How to combat cybercrime in 2026
Cybercrime isn’t slowing down — and neither are we. The threats we’ve outlined aren’t distant possibilities; they’re already taking shape. Attackers are innovating faster than traditional defenses can keep up, and the cost of inaction will be measured in millions.
The best way to outsmart threats is with a data-centric security strategy. By focusing on what threats are after, it’s easier to keep them away from what matters most: your data.
Varonis Threat Labs is on the frontlines, uncovering new attack techniques, analyzing real-world breaches, and developing strategies to keep organizations ahead of adversaries. In 2026, we’ll continue to share cutting-edge research, actionable insights, and proven methods to help you find, fix, and alert on threats before they become breaches.
Follow us throughout the year for expert guidance and practical steps to secure your data in an AI-driven world. Because the future of cybersecurity isn’t about reacting — it’s about anticipating what’s next.