Check Point Research documented a 48% year-over-year increase in global ransomware attacks in May 2026 — the sharpest growth rate of 2026 — with 61 active threat groups operating simultaneously and Qilin ransomware as the most active operator. Business Services, Consumer Goods, and Industrial Manufacturing are the most heavily targeted sectors. This campaign-level item does not map to a single vendor but affects organizations across all sectors through multiple initial access vectors including phishing, external remote services, and valid account abuse.