The Numbers

The data from 2026 describes something other than incremental change. AI-enabled adversary activity surged 89% year-over-year, according to CrowdStrike’s 2026 Global Threat Report. This is not a gradual uptick in sophistication. It is a step function — a structural shift in how fast threat actors can move from vulnerability disclosure to active exploitation.

The most consequential number comes from Mandiant’s M-Trends 2026 report: 28.3% of CVEs are now exploited within 24 hours of public disclosure. That statistic deserves a moment of serious consideration. It means that for roughly one in three vulnerabilities published to the NVD, a working exploit is being deployed against production systems before most organizations have finished reading the advisory — let alone scheduled a patch window.

The window between vulnerability announcement and active exploitation has compressed from weeks to hours. Three years ago, defenders could reasonably expect days or weeks between a CVE’s publication and its weaponization. That assumption no longer holds. The exploitation timeline has collapsed, and the collapse is driven by one thing: AI is automating the attacker’s workflow at every stage.

This isn’t incremental change. It is a structural shift in attacker velocity — and it breaks every defensive assumption calibrated for a slower adversary.

How AI Is Changing the Attack

The mechanism behind the 89% year-over-year surge is not mystery. Threat actors are integrating AI into their offensive workflows in ways that are practical, scalable, and devastatingly effective.

Automated exploit generation. AI models can now parse a CVE description, analyze the associated code diff or patch, and generate a working proof-of-concept exploit — sometimes within hours of disclosure. What once required a skilled vulnerability researcher spending days reverse-engineering a patch now happens at machine speed. The output is not always perfect, but it does not need to be. A working exploit against even a fraction of unpatched targets is enough to launch a campaign.

AI-automated reconnaissance at scale. Before AI, attack-surface mapping was labor-intensive. Scanning IP ranges, fingerprinting services, identifying vulnerable versions — this was the slow, boring work that limited how many targets an attacker could evaluate. AI has removed that bottleneck. Automated reconnaissance pipelines can now map and prioritize attack surfaces faster than defenders can audit them, identifying vulnerable edge devices, misconfigured cloud services, and exposed APIs across thousands of organizations simultaneously.

AI-crafted social engineering. Phishing emails generated by AI models are grammatically flawless, contextually appropriate, and increasingly personalized using scraped data from LinkedIn, company websites, and public filings. Vishing — voice-based social engineering — now leverages real-time voice synthesis that can mimic specific individuals. Pretexting scenarios are generated and refined by AI to defeat human judgment. The result is social engineering that works at scale without the telltale signs that trained users were taught to recognize.

The tools enabling all of this are widely available, low-cost, and require minimal technical sophistication to deploy. The barrier to entry for sophisticated attacks has dropped to near zero.

The Identity Vector

If AI-enabled exploitation is compressing the timeline from vulnerability to compromise, AI-enabled identity attacks are opening an entirely new front — one that traditional security tooling was never designed to defend.

Muddled Libra — the threat group tracked by CrowdStrike and Palo Alto Unit 42 — is running deepfake identity attacks against corporate help desks. The technique is straightforward and terrifyingly effective: AI-generated voice and video are used to impersonate legitimate employees during calls to IT support, convincing help desk staff to reset credentials, disable MFA, or grant access to accounts. The deepfakes are good enough to defeat human judgment in real time. The help desk agent hears a familiar voice, sees a plausible face on video, and processes the request. The attacker walks away with valid credentials.

North Korean IT workers have operationalized a different variant of the same concept. Using AI-generated personas — synthetic faces, fabricated work histories, AI-assisted interview responses — operatives are infiltrating Western companies through legitimate hiring pipelines. They pass video interviews with synthetic faces. They pass background checks with manufactured identities. They get hired, receive corporate laptops and VPN credentials, and begin exfiltrating data or channeling salaries to fund state programs. Multiple companies have publicly confirmed discovering these infiltrations only after the fact.

These are not theoretical attack vectors. They are documented, active campaigns compromising real organizations right now. Identity has become an attack surface — and it is an attack surface that firewalls, endpoint agents, and signature-based detection were never architected to protect.

AI Targeting AI

Perhaps the most telling development of 2026 is the emergence of AI-assisted attacks targeting the AI ecosystem itself.

The “Shai-Hulud” campaign — also referred to as “Mini Shai-Hulud” or the TanStack wave — was a self-propagating, credential-stealing worm that spread indiscriminately through npm via automated dependency poisoning. It was not a targeted strike against any single organization. The worm infected 170+ npm packages, compromising development toolchains across multiple companies and open-source projects. OpenAI was among those exposed: two employee devices were compromised through a poisoned dependency in their development environment. The campaign demonstrated how modern supply-chain attacks can propagate at a scale and speed that no single organization can monitor alone.

The implications extend well beyond a single campaign. Supply chain attacks are increasingly automated across the board — worms that spread through dependency graphs indiscriminately, payload customization based on the target’s technology stack, and evasion techniques that adapt to the defensive tools present in the environment. The supply chain attack surface is growing, and automation is making it cheaper and faster to exploit at a scale that overwhelms manual review.

The Timeline Compression

  • 2020: Average time from CVE disclosure to exploitation: roughly 42 days (illustrative industry estimate).
  • 2023: Average time compressed to approximately 15 days (illustrative industry estimate).
  • 2025 (Mandiant M-Trends 2026 reporting period): 28.3% of CVEs exploited within 24 hours of disclosure.
  • 2026: AI-generated exploits appearing within hours of CVE publication.
  • SOC triage queue: Still processing yesterday’s alerts.

The Structural Shift Is Temporal

Every defensive assumption about response timelines — patch cycles, triage queues, investigation backlogs — was calibrated for a world where exploitation followed disclosure by days or weeks. Patch management processes were designed around a reasonable expectation that organizations would have time to test, schedule, and deploy fixes before widespread exploitation began. Triage workflows assumed that the volume of genuinely urgent alerts would remain manageable. Investigation backlogs were tolerated because the adversary was assumed to be slower than the defender’s ability to catch up.

When that window collapses to hours, the entire investigation model breaks.

Consider the math. A SOC processing 11,000 alerts per day with human analysts averaging 90 seconds per triage cannot investigate a novel CVE exploitation, correlate it with lateral movement, and determine blast radius in 24 hours. The alert fires. It enters the queue. An analyst glances at it, sees that the affected system is scheduled for patching, and closes it as “known vulnerability — remediation in progress.” Meanwhile, the attacker is already inside, already moving laterally, already staging data for exfiltration. The alert was triaged. It was not investigated.

The math did not work at human speed before AI-augmented attackers compressed the timeline. It certainly does not work now. And this is not a staffing problem that can be solved by hiring. The 4 million+ global cybersecurity workforce gap documented by ISC2 means there is no hiring path out of this. The defenders who would need to investigate these alerts at the required speed do not exist in sufficient numbers, and they will not exist in sufficient numbers for the foreseeable future.

What AI-Speed Investigation Looks Like

When attacker velocity compresses timelines from weeks to hours, investigation cannot depend on human analysts manually correlating alerts across multiple consoles and telemetry sources. The investigation itself has to operate at a fundamentally different speed.

AI agents that investigate every alert in under a minute become the only viable mechanism to match attacker speed. Not as an enhancement to existing workflows — not a “co-pilot” that suggests next steps while a human drives — but as a fundamental shift in how investigation happens. The AI agent receives the alert, pulls the relevant telemetry, correlates across identity, endpoint, and network data sources, determines context and blast radius, and delivers a fully investigated disposition. Every alert. Every time. In seconds.

When a novel CVE exploitation alert fires, the investigation does not wait for a human analyst to reach it in the queue. The AI agent immediately cross-references the exploitation with subsequent activity: lateral movement attempts from the compromised host, privilege escalation events, data staging, anomalous authentication patterns, command-and-control callbacks. The full kill chain is correlated in seconds, not days.

Every alert gets full contextual investigation — cross-referencing identity, endpoint, and network telemetry — at machine speed. The alerts that human analysts would have closed in 90 seconds with a cursory glance receive the same depth of investigation as the alerts that would have been escalated to a senior analyst. The distinction between “triaged” and “investigated” collapses, because at AI speed, there is no reason not to investigate everything.

The Investigation Speed Gap

  • Attacker: AI generates exploit from CVE description → automated scanning identifies vulnerable targets → exploitation begins — all within hours.
  • Defender: CVE published → patch scheduled for next maintenance window → alert fires → enters triage queue → analyst reviews in 90 seconds → closes as “patching in progress” → lateral movement and data staging happen uninvestigated.
  • The gap between attacker speed and investigation speed is where breaches live.

Closing the Gap

This is what Intruex delivers. AI agents investigate every alert automatically, correlating activity across identity, endpoint, and network telemetry in seconds. The compressed timelines that AI-enabled attackers depend on exploiting get met with investigation that operates at the same speed.

When a novel CVE exploitation alert fires, the investigation does not wait in a queue. It immediately checks for subsequent lateral movement, privilege escalation, and data staging across the full environment. The 90-second triage that would have closed the alert as “known vulnerability, patching scheduled” is replaced by a full contextual investigation that traces the attacker’s activity from initial exploitation through every subsequent step — in under a minute.

The AI-enabled attacker’s speed advantage depends on defenders being slow. When investigation matches exploitation speed, that advantage disappears.

The Core Question

If a critical CVE affecting your edge infrastructure was published tomorrow morning and exploitation began within hours — how quickly would your SOC connect the initial exploitation alert with subsequent lateral movement and data staging? If the answer is measured in days rather than minutes, the attacker’s AI-augmented speed advantage is already decisive.

Sources: CrowdStrike 2026 Global Threat Report (89% year-over-year AI-enabled adversary activity), Mandiant M-Trends 2026 (28.3% CVE exploitation within 24 hours), Palo Alto Unit 42 Global Incident Response Report 2026