Election security threat elevated ahead of 2026 midterms

A report by Check Point Software Technologies highlights escalating cyber threats ahead of the 2026 U.S. midterms, focusing on disinformation, AI-enhanced attacks, and phishing campaigns rather than traditional voting system breaches. The report, titled *2026 Midterm Election Threat Outlook*, identifies election-related organizations, fundraising platforms, and campaign personnel as primary targets, with adversaries including Russia, China, and Iran. AI is central to the threat, enabling malicious actors to create convincing fake content, automate phishing attacks, and craft personalized messages using stolen data. Aaron Rose, Security Architect Manager at Check Point, noted that AI tools help attackers mimic legitimate communications, such as donation confirmation emails, to trick recipients into revealing sensitive information. Phishing remains the most effective tactic, accounting for 82% of malicious file attacks, often delivered via email. The report cites recent breaches: 9,500 leaked credentials from Democratic fundraising group *Act Blue* and 6,500 from Republican platform *Win Red*. Attackers exploit donor data to craft hyper-personalized scams, increasing deception success rates. The report warns of staged or deceptively edited political content designed to amplify distrust and polarization, leveraging AI to spread misinformation. Check Point’s real-time threat tracking suggests adversaries are refining tactics to exploit social media, donor databases, and public sentiment ahead of the election. Efforts to counter these threats focus on detecting AI-generated disinformation and securing vulnerable platforms. However, the report emphasizes the need for heightened vigilance among campaigns, donors, and election officials to mitigate risks before 2026.