AI-Driven Website Attacks Surge 12x in 12 Months, New Report from inMotion Real Estate Media Finds

New report reveals 80% SMB attack rate, $2.5 billion breach costs at major corporations, and the rise of "vibe hacking" by individuals using AI tools

NEW YORK, NY, UNITED STATES, May 11, 2026 /EINPresswire.com/ -- inMotion Real Estate Media, a New York-based Commercial Real Estate marketing agency, today released a comprehensive evidence-based report on the dramatic shift in website security threats over the past 18 months, attributing the surge to the rapid mainstreaming of AI tools among cyber attackers.

The report, Why Websites Are Getting Hacked More Than Ever, draws on threat intelligence from Anthropic, IBM, Microsoft, Cloudflare, Imperva, Wordfence, Patchstack, and the FBI's Internet Crime Complaint Center, alongside named breach incidents from 2024 through 2026. It is targeted at owners of B2B small and mid-sized businesses (SMBs), most of whom - inMotion argues - are operating without an accurate picture of the current threat landscape.

Among the report's key findings:
- AI-enabled bot attacks against websites jumped from 2 million per day to 25 million per day in a single year.
- The average time between a security flaw being publicly disclosed and attackers exploiting it dropped from 32 days in 2023 to 5 days in 2024, with some exploitation now observed before public disclosure.
- Approximately 80% of US small and mid-sized businesses experienced at least one cyberattack in 2025.
- Wordfence, which protects a large share of WordPress sites, blocked over 54 billion malicious requests in 2024 alone, including 8.7 million attacks against just two specific plugin vulnerabilities in a single 48-hour period in October 2025.
- Major corporations including Change Healthcare, Coinbase, Marks & Spencer, and Jaguar Land Rover have suffered breaches with damages ranging from $400 million to over $2.5 billion in the same period.
- Anthropic's August 2025 threat intelligence report documented a single individual using AI tools to extort 17 organizations in a single month - a pattern researchers have termed "vibe hacking."

"The economics of cybercrime have flipped in the last 18 months, and most business owners haven't been told," said Jonathan Phillips, CEO of inMotion Real Estate Media. "Hacking a website used to require skill, time, and money. It now requires a chatbot subscription and an afternoon. That's not hyperbole - that's what the threat reports from Anthropic, Microsoft, and IBM are documenting in real cases. The implication for small businesses is that being unknown is no longer protection. Attackers don't pick targets anymore. They sweep the entire internet looking for any site they can compromise, because AI has dropped the cost of doing so to near zero."

The report walks through the legal and financial exposure facing US businesses when their websites are compromised, including state breach notification laws, FTC enforcement under Section 5 of the FTC Act, California's CCPA, and contract-driven exposures specific to B2B companies - including indemnification claims and SOC 2 audit consequences. Citing research from the National Cyber Security Alliance, the report notes that 60% of small businesses close within six months of a serious cyberattack.

"This report exists because we kept having the same conversation with clients," said Nicole Wallach, Marketing Director at inMotion Real Estate. "A site is launched, it's solid, and then 12 or 18 months go by and the threat environment around it has completely changed. Clients are blindsided. We wanted to put the evidence in one place so business owners can see the data, understand what's actually happening, and make informed decisions about ongoing protection. The agency that built your site is part of your security perimeter. That's a conversation every business owner should be having with every vendor that touches their website."

The report also provides a practical framework for ongoing website protection, including a checklist of warning signs of compromise, questions business owners should ask any agency or vendor with access to their website, and guidance on cyber liability insurance for both businesses and their vendors.

The full report is available as a free download at https://inmotionrealestate.com/resources/why-websites-are-getting-hacked-more-than-ever/

About inMotion Real Estate Media
Founded in 2006, inMotion Real Estate Media is a specialized digital marketing and web development agency dedicated exclusively to the commercial real estate industry. Part of the Hudson Fusion Group, the company provides CRE firms with digital marketing, custom web development, professional graphic design, technology and CRM integrations, and its proprietary Investor Connect™ platform for reaching real estate investors. With an award-winning team of creative designers, online technology experts, and seasoned real estate marketing professionals, inMotion serves a diverse portfolio of clients ranging from institutional investors and developers to brokerage firms and property managers across the globe.

Jonathan Phillips
inMotion Real Estate Media
+1 914-762-0900
email us here
Visit us on social media:
LinkedIn

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.