The Malta Financial Services Authority has published the first iteration of its Cyber Threats Awareness Brief, in which it highlights cyber threat trends and also recommends measures that can be taken to combat such risks.

It provides an overview of key cyber threat trends observed throughout 2025 and January-May 2026, together with insights as to what to expect in the second half of the year.

The brief is intended to support awareness of evolving cyber threats and contribute to the strengthening of cyber resilience, it said.

“Core attack vectors such as phishing, credential theft, vulnerability exploitation, ransomware and supply-chain compromise remain prevalent, but are increasingly enabled by Artificial Intelligence (‘AI’) automation, improved attacker capabilities and shared technology dependencies,” it said.

During the January–May 2026 period, the MFSA said, particular prominence was observed in AI-enabled threats, exploitation of exposed systems and developer ecosystem compromise, alongside persistent risks relating to identity, cyber-enabled fraud and geopolitical disruption.

It highlights that a cross-cutting theme is the growing reliance of Authorised Persons (Entities regulated by the MFSA) on ICT third party service providers, including cloud, identity and software platforms.

It said that incidents affecting such providers, as well as financial authorities and public-sector infrastructure, show that operational disruption may arise both directly and indirectly through shared dependencies. “Geopolitical developments continue to contribute to this risk environment, influencing disruptive activity, espionage and pressure on critical services.”

In terms of the second half of 2026, the MFSA expects the threat landscape to continue evolving. It expects it to be shaped by more sophisticated social engineering, increased attacker speed, and continued targeting of widely used technologies and ICT providers. This, it said, includes growing attention to AI-enabled threat capability and software supply-chain risk, among other things.

It shines a spotlight on a number of risk areas.

For example, with regards to AI-enabled phishing, translation, impersonation and content generation, it said that they have already become baseline concerns within the cyber threat environment, and that for the second half of 2026 “the more operationally significant issue may be the extent to which AI-enabled capabilities reduce the time required by threat actors to identify, prioritise, weaponize and exploit vulnerabilities.”

The Authority said that it has identified AI and the risks arising from its use as a supervisory priority for 2026, and is undertaking supervisory engagements to better understand and assess the implications of AI adoption and AI-enabled threats within the financial sector.

It also provides advice. For example, it said that entities should reduce exposed attack surfaces, strengthen external attack surface management and ensure that vulnerability management processes can respond to fast-moving exploitation.

In another risk area, it said that AI-enabled social engineering is expected to become more convincing, more targeted and more multi-channel during the remainder of 2026. “Deepfake audio and video, cloned executive voices, synthetic identities, manipulated documents and AI-assisted chat interactions may weaken traditional verification processes, particularly where controls rely heavily on voice recognition, email trust, document appearance or perceived seniority of the requester.”

It pointed out that this risk is especially relevant where trust is converted into money movement, account changes and customer onboarding for instance. It said that entities should therefore strengthen controls around high-risk workflows, and that this may include callback procedures using trusted contact details, among other measures.

Related

jonathan attard

Planning Authority and Kamra tal-Periti merge awards into single event

July 14, 2026
by Tim Diacono

MASP and Premju Galizia have been merged into a single event

MTA launches enforcement proceedings over licensed Swieqi apartment block following inspections

July 14, 2026
by Nicole Zammit

The action follows coordinated inspections carried out by the MTA in Swieqi with the Community Police and the Local Council

56 construction sites found working without OHSA permits between February and May

July 14, 2026
by Kevin Schembri Orland

The minister said that all sites were ordered to stop works