Just 15 years ago, the median dwell time of a cyberattack (the length of time an attacker stays inside their victim’s system, spanning from the first indicators of compromise to the moment of detection) was 416 days, according to Mandiant. That metric has steadily decreased over the past decade and a half, falling to 11 days in 2024.
Reasons for dwell time decreases are twofold. Enterprise security monitoring, logging and alerting capabilities have become stronger and more effective, while certain attacks, such as ransomware, in which malicious actors attempt to extort victims quickly, are detected far more rapidly. But these factors are countered by overworked or under-skilled security teams and immature incident response plans, as well as by sophisticated advanced persistent threats that use stealth and living-off-the-land techniques to evade detection for long periods.
Cybersecurity is a tale as old as time: As enterprise defenses get stronger, adversaries up the ante on attacks. Rinse and repeat.
As this week’s featured news highlights, attackers continue to improve their speed. Organizations must, in turn, step up their game to monitor, detect and eradicate threats faster than ever before.
AI revolutionizes cyberattack speed and sophistication
AI is transforming the cyberattack landscape, enabling attackers to accelerate lateral movement, data exfiltration and phishing campaigns, according to a ReliaQuest report. In 2025, lateral movement times dropped 29% to an average of 34 minutes, while data exfiltration times fell to just six minutes, a decrease from 4 hours in 2024.
ReliaQuest researchers pointed to AI-powered tools such as BoaLoader malware, which they said “displays the first major convergence of AI-assisted development, social engineering and traditional cybercrime.”
Reports from IBM and Resilience had similar findings, highlighting AI’s role in compressing decision cycles and scaling attacks, while a Sophos report cautioned that fully autonomous AI-driven attacks remain a future threat.
Read the full article by Eric Gellar on Cybersecurity Dive.
PCI SSC highlights global collaboration in payment security
The PCI Security Standards Council released its first annual report since its founding in 2006, emphasizing global coordination to address increasingly sophisticated payment security threats and noting the rapid pace of attacks and the need for organizations to accelerate defenses.
The report outlined initiatives in training, compliance and collaboration to secure mobile, data, system, software and card products, as well as types of attacks payment systems face.
The Council’s efforts include expanding global forums and launching new regional initiatives. However, challenges such as fragmentation and the misuse of AI persist. PCI SSC said it aims to streamline processes and enhance global collaboration to mitigate risks and advance payment security.
Read the full article by Arielle Waldman on Dark Reading.
Rapid weaponization of vulnerabilities challenges defenders
Less than 1% of software vulnerabilities were exploited in the wild in 2025, but attackers weaponized flaws faster and on a larger scale, according to a report from VulnCheck.
Researchers tracked more than 14,400 exploits tied to 10,500 CVEs, a 16.5% increase from 2024, partly driven by AI-generated proof-of-concept code, much of which was nonfunctional.
This surge complicates defenders’ ability to prioritize threats, as AI-generated data overwhelms efforts to identify legitimate risks.
More than 50% of ransomware-linked CVEs stemmed from zero-day vulnerabilities. React2Shell (CVE-2025-55182) and a Microsoft SharePoint flaw (CVE-2025-53770) were among the most exploited vulnerabilities, highlighting the urgency for faster mitigation.
Read the full article by David Jones on Cybersecurity Dive.
Accelerating cyberthreats: AI and speed reshape security challenges
In 2025, cybercriminals dramatically reduced breakout times, averaging 29 minutes, with the fastest intrusion lasting just 27 seconds, according to CrowdStrike’s “2026 Global Threat Report.”
Attackers increasingly exploited legitimate credentials, bypassing traditional defenses and blending into normal activity, with 82% of intrusions being malware-free. Unmanaged devices, such as VPNs and personal devices, were prime targets, especially for China-backed groups.
AI emerged as both a weapon and an attack surface, enabling faster reconnaissance, phishing and exploitation. Threat actors also targeted vulnerabilities in AI tools, injecting malicious prompts and exploiting platforms.
Read the full article by Jai Vijayan on Dark Reading.
Editor’s note: An editor used AI tools to aid in the generation of this news brief. Our expert editors always review and edit content before publishing.
Sharon Shea is executive editor of TechTarget Security.







