In Q2, the average enterprise saw 23 previously unknown GenAI tools newly used by their employees.

5.0% of all sensitive prompts analysed in Q2 originated in Google Gemini.

2.5% of all sensitive prompts analysed in Q2 originated in Claude.

Generative AI (GenAI) was involved in 70% of real-world AI security incidents.

Code leakage was the most common type of sensitive data sent to GenAI tools.

13.7% of all sensitive prompts analysed in Q2 originated in Microsoft Copilot.

LLMs failed to secure code against cross-site scripting (CWE-80) in 86% of cases.

Java was found to be the riskiest language for AI code generation, with a security failure rate over 70%. Other major languages, such as Python, C#, and JavaScript, presented significant risk, with failure rates between 38 percent and 45 percent.

AI-generated code introduces security vulnerabilities in 45% of cases.

When given a choice between a secure and insecure method to write code, GenAI models chose the insecure option 45% of the time.

In 45% of all test cases, LLMs introduced vulnerabilities classified within the OWASP Top 10.

LLMs failed to secure code against log injection (CWE-117) in 88% of cases

1 in 12 employees, or 7.95%, used at least one Chinese GenAI tool at work.

Among the 1,059 users who engaged with Chinese GenAI tools, there were 535 incidents of sensitive data exposure.

The majority of sensitive data exposure (roughly 85%) due to the use of Chinese GenAI tools occurred via DeepSeek, followed by Moonshot Kimi, Qwen, Baidu Chat and Manus.

Code and development artifacts made up 32.8% of sensitive data exposed through employee use of Chinese GenAI tools at work.

Financial information accounted for 14.4% of sensitive data exposed through employee use of Chinese GenAI tools at work.

Customer data represented 12.0% of sensitive data exposed through employee use of Chinese GenAI tools at work.

Legal documents made up 4.9% of sensitive data exposed through employee use of Chinese GenAI tools at work.

Personally identifiable information (PII) comprised 17.8% of sensitive data exposed through employee use of Chinese GenAI tools at work.