Decoding the accelerated cyber attack cycle

Rapid7's latest report highlights the shrinking timelines in cyber threat landscapes and underscores the urgency of effective cyber-resilience strategies.

Rapid7 has released its 2026 Global Threat Landscape Report: Decoding the Accelerated Cyber Attack Cycle, a report examining the evolving nature of cyber threats and the increasing speed at which vulnerabilities are exploited.

The report’s findings highlight a notable trend. High and critical severity vulnerabilities have increased, rising from 71 in 2024 to 146 in 2025. At the same time, the window between vulnerability disclosure and confirmed exploitation is becoming shorter, with attackers operationalising vulnerabilities within days of disclosure.

The report combines multiple data sources, including vulnerability publication data and incident response metrics, to provide a broader view of how exposure can lead to compromise. Key observations include:

  • Accelerating Exploitation: The number of high-risk vulnerabilities indicates that these are being targeted soon after disclosure.
  • Shrinking Weaponisation Timelines: The time from vulnerability disclosure to inclusion in security databases has decreased, particularly for high-severity vulnerabilities.
  • Identity as a Key Target: Issues related to multi-factor authentication account for a significant portion of investigations, making identity a common access vector.
  • Ransomware Activity: Ransomware continues to be involved in a substantial share of incident responses and is increasing in scale and frequency.
  • Use of AI by Threat Actors: AI is increasingly being used to support attack development, including phishing content creation and other techniques.

The report notes that organisations need to respond more quickly to vulnerabilities as the time between disclosure and exploitation continues to decrease. The gap between identifying and addressing vulnerabilities is narrowing, making timely remediation and alignment with detection and response processes more important.

In summary, as threat actors increasingly incorporate AI into their activities, organisations are adjusting their approaches to detection and response. This shift highlights the need for timely remediation and co-ordinated security practices to address evolving threats.

An examination of how Atlassian’s Rovo and Teamwork Graph introduce AI-driven automation into...
Perforce Software has introduced updates to its DevOps tech stack, adding new tools for AI...
CoreWeave partners with Conapto to strengthen its AI infrastructure in Stockholm, powered by...
Toby Weiss steps in as CEO of Securonix, aiming to enhance security operations amid evolving...
AI adoption in workplaces is accelerating but employees lag in readiness, revealing a pressing need...
Schneider Electric partners with Foxconn to develop AI data centres, aiming for speed, efficiency,...
Kyndryl extends its partnership with AWS to support global AI adoption.
Lenovo's new Hybrid AI Advantage introduces AI innovations that aim to enhance deployment...