Vendors2026 Global Threat Landscape Report
2026 Global Threat Landscape Report
Cybersecurity reports and statistics published by 2026 Global Threat Landscape Report
8 categories1 reports
Recent Statistics & Reports
Exploited high and critical severity vulnerabilities increased 105% from 71 in 2024 to 146 in 2025.
5/27/2026•
VulnerabilitiesVulnerability Exploitation
Valid accounts with missing or lax multi-factor authentication (MFA) accounted for 43.9% of all incident response investigations by Rapid7 in 2025, making it the single most common initial access vector.
5/27/2026•
Valid AccountsMFAInitial Access Vector
The median time from a vulnerability's publication to its inclusion in the CISA KEV catalog dropped from 8.5 days to 5.0 days.
5/27/2026•
VulnerabilitiesCISA KEV
The mean time from a vulnerability's publication to its inclusion in the CISA KEV catalog dropped from 61.0 days to 28.5 days.
5/27/2026•
VulnerabilitiesCISA KEV
Ransomware was involved in 42% of Rapid7 MDR incident response investigations last year.
5/27/2026•
Ransomware
Total ransomware leak posts increased 46.4% year over year, rising to 8,835 in 2025.
5/27/2026•
RansomwareRansomware Leak Posts