The fragmentation of the internet and the concentration of global services in the hands of a few tech giants, along with the advancement of artificial intelligence as a tool for deception and attack, are emerging as the main threats for 2026, according to industry experts. The massive use of AI is already a reality, although it is currently employed in seemingly simple tasks. Steve Miller, head of AI threats at Google’s GTIG, points out that cyber attackers are automating processes to create tools that exploit AI on a large scale. Marijus Briedis, CTO of NordVPN, warns that AI will facilitate access to cybercrime for users with less technical knowledge and enhance the capabilities of more experienced users, enabling autonomous attacks that identify and exploit vulnerabilities without human intervention. ESET predicts that the increased use of AI to optimize systems and processes will expand the attack surface if proper cybersecurity policies are not applied. Additionally, tools like ChatGPT store histories in the browser, exposing sensitive data to threats like information theft, highlighting the importance of not sharing confidential data with these systems. Check Point anticipates that AI will transition from being an assistance tool to acting autonomously, managing budgets, optimizing processes, and making critical decisions without human oversight, which poses risks of uncontrolled autonomy. Trend Micro, on the other hand, foresees an increase in adaptive intrusions, such as polymorphic malware and social engineering campaigns based on deepfakes, capable of deceiving both employees and executives. The proliferation of synthetic code, manipulated AI models, and defective modules infiltrated into legitimate processes will be another threat, with hybrid cloud environments, software supply chains, and AI infrastructures as primary targets of cyberattacks. The use of stolen credentials will continue to be a frequent access route for cybercriminals, both in businesses and homes. ESET highlights new techniques like ClickFix, which trick users into executing malicious commands. The dependence on essential services from major providers like AWS, Cloudflare, Google, or Microsoft Office increases vulnerability: a failure in any of them can affect millions of users and attract attackers. The current digital monoculture, where system diversity has decreased, turns all users into potential targets. Aianus Warmenhoven from NordVPN reminds us that any data, even DNS records, can be monetized on the web. Digital misinformation, recognized as a threat to national security, is becoming increasingly difficult to combat and affects democratic stability. Some criminal organizations even employ marketing teams and influencers to promote unsafe habits and keep users vulnerable. The rise of deepfakes, voice cloning, synthetic identities, and automated chats for phishing will make it difficult to distinguish the real from the fake. ESET predicts that AI will enhance social engineering, eroding trust in services and devices. Kaspersky warns about the expansion of the underground market for deepfakes and AI tools, facilitating fraud in job interviews, fake offers, and identity verification, which will increase the demand for solutions to evade KYC checks. Zscaler notes that data protection will evolve towards the principle of "minimal information," limiting the exposure of sensitive data to APIs, third parties, and internal users. Kaspersky also warns that banking trojans will be distributed through messaging apps like WhatsApp, particularly affecting organizations that rely on online banking in desktop environments. New regulations, such as the EU Digital Omnibus Act, the GDPR review, NIS2, the AI Act, and SEC incident disclosure rules, will require greater resilience and collaboration among companies, tech firms, and authorities, as well as investments in compliance and digital sovereignty. Traditional scams will persist, but their methods will evolve towards messaging platforms and social networks. Check Point warns that impersonation through AI-generated voice, video, and chat will reach unprecedented levels, allowing payments to be authorized or sensitive information accessed through fake calls. Therefore, behavior and context validation will be key for companies. Kaspersky points out that counterfeit or low-cost smart devices, already infected with trojans like Triada, will continue to spread, affecting not only Android mobiles but also TVs and other connected devices, facilitating the theft of credentials and personal data from the first use. ESET warns of targeted attacks on the drone sector, especially by state actors like Russia, China, North Korea, and Iran. Threats exploiting NFC and Android devices will continue to grow in sophistication, with a 78% increase in the second half of 2025 compared to the first. Malware families like NGate, PhantomCard, and RatON have already led campaigns in several countries and are expected to reach Spain. The quantum computing market will exceed $5 billion in 2026, giving new prominence to cybersecurity. Although massive quantum attacks are still far off, cybercriminals are already collecting encrypted data to decrypt it in the future when technology allows, putting decades of confidential information at risk. Zscaler predicts that post-quantum encryption will become standard in browsers, applications, and cloud services, while regulators issue specific guidelines and sectors like finance move towards this transition.