Meta ExternalAgent accounted for nearly 25% of top AI agent traffic on DataDome’s network in February 2026, followed by ChatGPT-User (19.1%) and Meta WebIndexer (14.3%).

55% of organizations are cutting or not increasing investment in red and purple teaming.

3% of organizations update incident response plans only after a cyber incident.

72% of organizations report frequent misalignment between cybersecurity efforts and broader business priorities.

88% of people do not freely share personal information with AI tools like ChatGPT and Gemini.

AI-augmented teams achieve a 27% cybersecurity challenge solve rate within the time window versus 16% for top human-only teams.

36% of organizations acknowledge gaps in how threats are prioritized.

28% of organizations experience business email compromise.

Cyberattacks in LATAM increased from over 250 in 2024 to over 450 in 2025.

Brazil accounted for about 30% of ransomware victims in LATAM in 2025, followed by Mexico at about 14% and Argentina at about 13%.

Data leak site-claimed ransomware incidents grew by 50% YoY — an all-time high.

Over 200 instances of access offers impacting 17 countries in Latin America were observed from January 2025 to December 2025.

The most targeted country by initial access brokers was Brazil with over 70 victims, followed by Mexico with over 30 and Argentina with over 20.

The most impacted industries by initial access brokers in LATAM in 2025 were national government, agriculture and food and beverage production and education.

The most common method that access brokers leveraged to obtain access to organizations in LATAM in 2025 was the abuse of compromised login credentials.

At least 119 hacktivist attacks were observed across 15 countries of Latin America in 2025.

Brazil was the most targeted country by hactivists in 2025, with 34 attacks.

Colombia was the most targeted country by DDoS attacks with over 20 victims, followed by Venezuela and Brazil, in 2025.

Qilin claimed the most victims in 2025 (835), followed by Akira (650), Cl0p (517), Play (363), INC (334), Safepay (306), Lynx (253), RansomHub (233), DragonForce (181), and Babuk (176).

2025 ransomware market share by group: Qilin (23%), Akira (18%), Cl0p (14%), Play (10%), INC (9%), Safepay (8%), Lynx (7%), RansomHub (6%), DragonForce (5%).