
AI Made Cyberattacks Faster Than Patches. Mandiant’s Data Proves It.

The assumption that defenders can patch before attackers strike no longer holds. Mandiant’s M-Trends 2026 report, grounded in over 500,000 hours of frontline incident investigations conducted in 2025, puts a number on what many security teams have been feeling: the mean time to exploit a vulnerability has dropped to negative seven days. Attackers are not waiting for patches. They are deploying exploits before patches exist.

That is not a marginal shift. It is a structural reversal of how the entire vulnerability management model was designed to work.

What the Mandiant Report Actually Found

The M-Trends 2026 report, published by Google Cloud’s Mandiant team in March 2026, tracks adversary behavior across real breach investigations, not simulated environments. The findings reveal a threat landscape that has changed faster in the last two years than in the previous decade.

The AI exploit window has gone negative at the macro level, but the specifics inside the report are equally alarming. The median dwell time for cyber espionage groups now sits at 122 days. The window between an initial access event and a ransomware hand-off collapsed from more than eight hours in 2022 to just 22 seconds in 2025. Exploits remained the most common initial infection vector for the sixth consecutive year, accounting for 32% of intrusions.

These numbers describe a threat environment where the standard playbook (detect, notify, patch, verify) has become too slow to be effective.

AI Is the Accelerant

The Mandiant report is careful to note that 2025 was not the year AI directly caused most breaches. The underlying failures remain human and systemic. But AI has compressed the timelines around every stage of the attack lifecycle in ways that compound those failures.

Adversaries are using AI to accelerate reconnaissance, generate convincing phishing content, write functional malicious code, and adapt tactics mid-execution. Mandiant researchers identified malware families that actively query large language models during execution to evade detection. One credential stealer was observed scanning compromised machines for local AI tools and using them to search for configuration files.

The practical result is visible in the data on malicious packages. According to Sonatype’s State of the Software Supply Chain 2026 report, malicious packages in public repositories grew from 55,000 in 2022 to 454,600 in 2025. The sharpest jumps corresponded with GPT-4’s release in 2023 and the agentic coding boom of 2025. AI-generated code is now sophisticated enough to pass static analysis tools and signature scanners that organizations have relied on for years.

The Skills Gap Has Closed on the Wrong Side

One signal that cuts through the noise: attackers no longer need technical expertise at scale. In February 2025, three teenagers with no coding background used an LLM to build a tool that targeted Rakuten Mobile’s system more than 220,000 times. In July 2025, a single actor using agentic AI tools conducted an extortion campaign against 17 organizations over one month, automating code development, data analysis, and ransom communications. In December 2025, another individual used AI coding tools to breach more than 10 Mexican government agencies and exfiltrate over 195 million taxpayer records.

The AI exploit window going negative is one dimension of the problem. The other is that the population of people capable of conducting sophisticated attacks is expanding rapidly, because the technical barrier has collapsed.

What Defenders Are Up Against

The Mandiant report notes that 45% of vulnerabilities in systems maintained by large companies with more than 1,000 employees are never remediated. The average time to remediate a high or critical severity vulnerability is 74 days, according to Edgescan’s 2025 Vulnerability Statistics Report. Set those numbers next to a mean time to exploit of negative seven days, and the gap is not a few weeks. It is structural.

Organizations that continue to treat vulnerability management as a patch-and-pray exercise are operating on assumptions the data has invalidated. The speed of AI-assisted attacks has outpaced the speed of human-led defense, and the gap is widening.

The Mandiant report frames one path forward clearly: stop trying to outrun attacks on every front. Eliminate entire categories of vulnerability instead. Reduce the attack surface so that the speed advantage attackers hold applies to a smaller target.

That is a harder strategic shift than it sounds. But the alternative is continuing to defend with a model built for an era when attackers needed weeks to develop an exploit, not days, and sometimes not hours.

Read the full breakdown on analyticsdrift.com for a deeper look at the M-Trends 2026 findings and what they mean for AI-adjacent teams.


Rohit Yadav
Rohit is the Founder & CEO at Analytics Drift.
