Simply 15 years in the past, the median dwell time of a cyberattack — the length an attacker stays inside their sufferer’s system, spanning from the preliminary indicators of compromise to the second of detection — was 416 days, based on Mandiant. That metric has steadily decreased over the previous decade and a half, falling to 11 days in 2024.
Causes for dwell time decreases are twofold. Enterprise safety monitoring, logging and alerting capabilities have turn out to be stronger and simpler, whereas sure assaults — equivalent to ransomware, by which malicious actors try and extort victims quickly — are detected far more shortly. But these factors are countered by overworked or under-skilled safety groups and immature incident response plans, in addition to by refined superior persistent threats that use stealth and living-off-the-land methods to evade detection for lengthy durations.
Cybersecurity is a story as previous as time: As enterprise defenses get stronger, adversaries up the ante on assaults. Rinse and repeat.
As this week’s featured information highlights, attackers proceed to enhance their pace. Organizations should, in flip, step up their recreation to watch, detect and eradicate threats quicker than ever earlier than.
AI revolutionizes cyberattack pace and class
AI is reworking the cyberattack panorama, enabling attackers to speed up lateral motion, information exfiltration and phishing campaigns, based on a ReliaQuest report. In 2025, lateral motion occasions dropped 29% to a mean of 34 minutes, whereas information exfiltration occasions fell to only six minutes — a lower from 4 hours in 2024.
ReliaQuest researchers pointed to AI-powered instruments equivalent to BoaLoader malware, which they mentioned “displays the primary main convergence of AI-assisted growth, social engineering and conventional cybercrime.”
Studies from IBM and Resilience had comparable findings, highlighting AI’s position in compressing determination cycles and scaling assaults, whereas a Sophos report cautioned that absolutely autonomous AI-driven assaults stay a future menace.
Learn the complete article by Eric Gellar on Cybersecurity Dive.
PCI SSC highlights international collaboration in cost safety
The PCI Safety Requirements Council launched its first annual report since its founding in 2006, emphasizing international coordination to deal with more and more refined cost safety threats and noting the speedy tempo of assaults — and the necessity for organizations to speed up defenses.
The report outlined initiatives in coaching, compliance and collaboration to safe cell, information, machine, software program and card merchandise, in addition to sorts of assaults cost techniques face.
The Council’s efforts embrace increasing international boards and launching new regional initiatives. Nonetheless, challenges equivalent to fragmentation and the misuse of AI persist. PCI SSC mentioned it goals to streamline processes and improve international collaboration to mitigate dangers and advance cost safety.
Learn the complete article by Arielle Waldman on Darkish Studying.
Speedy weaponization of vulnerabilities challenges defenders
Lower than 1% of software program vulnerabilities had been exploited within the wild in 2025, however attackers weaponized flaws quicker and on a bigger scale, based on a report from VulnCheck.
Researchers tracked greater than 14,400 exploits tied to 10,500 CVEs, a 16.5% enhance from 2024, partly pushed by AI-generated proof-of-concept code, a lot of which was nonfunctional.
This surge complicates defenders’ capacity to prioritize threats, as AI-generated information overwhelms efforts to determine reliable dangers.
Greater than 50% of ransomware-linked CVEs stemmed from zero-day vulnerabilities. React2Shell (CVE-2025-55182) and a Microsoft SharePoint flaw (CVE-2025-53770) had been among the many most exploited vulnerabilities, highlighting the urgency for quicker mitigation.
Learn the complete article by David Jones on Cybersecurity Dive.
Accelerating cyberthreats: AI and pace reshape safety challenges
In 2025, cybercriminals dramatically lowered breakout occasions, averaging 29 minutes, with the quickest intrusion lasting simply 27 seconds, based on CrowdStrike’s “2026 International Risk Report.”
Attackers more and more exploited reliable credentials, bypassing conventional defenses and mixing into regular exercise, with 82% of intrusions being malware-free. Unmanaged gadgets, equivalent to VPNs and private gadgets, had been prime targets, particularly for China-backed teams.
AI emerged as each a weapon and an assault floor, enabling quicker reconnaissance, phishing and exploitation. Risk actors additionally focused vulnerabilities in AI instruments, injecting malicious prompts and exploiting platforms.
Learn the complete article by Jai Vijayan on Darkish Studying.
Editor’s be aware:Â An editor used AI instruments to assist within the technology of this information transient. Our professional editors at all times overview and edit content material earlier than publishing.
Sharon Shea is government editor of TechTarget Safety.
