Mandiant: Attackers Now Exploit Cloud Vulnerabilities an Average of 7 Days Before Patches Exist
Mandiant's M-Trends 2026 report, built on 500,000 hours of incident response, finds the mean time to exploit vulnerabilities has hit -7 days. Cloud-hosted file tools land on infrastructure compromised before any fix is even available.
VaultTools · March 25, 2026
Photo on Unsplash
Table of Contents
- What the report found
- Exploitation before patches: the -7 days finding
- 22 seconds: the window that no longer exists
- AI-assisted document theft in live operations
- What this means for online file tools
- Sources
What the Report Found
On March 24, 2026, Mandiant published M-Trends 2026, its annual analysis of the global threat landscape drawn from more than 500,000 hours of frontline incident response investigations conducted across 2025. The report covers attack speed, vulnerability exploitation timelines, cloud-specific compromise patterns, and the growing use of AI by threat actors.
The central finding for organizations that rely on cloud infrastructure is unambiguous: the traditional model of patching vulnerabilities to prevent exploitation is no longer viable at current attack speeds.
Exploitation Before Patches: The -7 Days Finding
The report tracks Mean Time to Exploit (TTE), the average gap between the public disclosure of a vulnerability and the first observed exploitation in the wild. The trend is stark.
In 2018, the mean TTE was 63 days, giving defenders nearly two months to assess and apply patches after a vulnerability was disclosed. By 2024, that figure had collapsed to -1 day, meaning exploitation was already happening on the day before public disclosure. In 2025, the figure reached -7 days.
A negative TTE means adversaries are routinely compromising systems through vulnerabilities that have not yet been publicly disclosed, let alone patched. Organizations that pride themselves on fast patching cycles are protecting against a problem that attackers solved a week earlier. Exploits remained the leading initial infection vector in Mandiant’s data for the sixth consecutive year, accounting for 32% of intrusions investigated in 2025.
22 Seconds: The Window That No Longer Exists
A second finding in the report addresses what happens after initial access is gained. In 2022, the median time between an attacker achieving initial access and handing that access off to a secondary threat actor was over eight hours. By 2025, the median had fallen to 22 seconds.
This collapse matters beyond its headline shock value. In 2022, a defender who detected suspicious activity within minutes of initial access had a realistic chance of stopping the intrusion before secondary actors could act on it. At 22 seconds, that window is effectively zero. By the time an alert fires and a human reviews it, access has already been transferred, and a second group, often specialists in data theft or ransomware deployment, is already active inside the environment.
Mandiant attributes this to tight operational coordination between initial access brokers and downstream threat groups, noting that in some observed cases, malware was delivered directly on behalf of secondary groups at the moment of compromise.
AI-Assisted Document Theft in Live Operations
The report identifies a new malware family, designated PROMPTSTEAL and attributed to the Russian state-sponsored group APT28, as the first confirmed state-sponsored tool to query large language models during execution for the purpose of document theft. The malware was observed in operations targeting Ukraine.
A separate malware family, PROMPTFLUX, rewrites its own VBScript source code every hour by querying the Gemini API, a capability designed to evade signature-based detection.
Mandiant’s assessment is that 2025 was not the year in which AI directly caused major breaches. What the report documents instead is AI being integrated into attack toolchains to handle tasks that previously required human operators: adapting to detection, identifying valuable documents, and accelerating the post-compromise phase.
Global median dwell time, the period between initial intrusion and detection, rose to 14 days in 2025, up from 11 days in 2024. In espionage cases and operations involving North Korean IT workers, the median reached 122 days.
What This Means for Online File Tools
The M-Trends data has a direct structural implication for any service that processes files in the cloud.
When a user uploads a document to an online converter, PDF tool, image editor, or AI-assisted workflow, that file is processed on cloud infrastructure. That infrastructure runs software. In 2025, the average vulnerability in that software was being exploited seven days before a patch for it existed. Rapid patching, security monitoring, and incident response all operate downstream of that seven-day gap. No patching cadence addresses a vulnerability that has not yet been disclosed.
The only architectural response that removes this attack surface is to move processing off the cloud entirely. A file processed inside the browser using WebAssembly never touches a remote server. There is no infrastructure to compromise, no vulnerability timeline to race against, and no 22-second window in which an attacker can pivot from initial access to data theft. The file is processed locally and the result stays on the device. The M-Trends findings make the local-processing argument in incident-response terms: the risk is not theoretical, it is measured in negative days.
Sources
- M-Trends 2026: Data, Insights, and Strategies From the Frontlines (Google Cloud Blog)
- Attackers are handing off access in 22 seconds, Mandiant finds (Help Net Security)
- Twenty-Two Seconds to Hand-Off: Inside Mandiant’s M-Trends 2026 Findings (Complex Discovery)
- M-Trends 2026 Report (Google Cloud)
- Mandiant M-Trends 2026 Report: Threat Actors Using AI in Attacks (National Law Review)
- M-Trends 2026: Attackers Split Between Speed and Stealth (Cybersecurity Asia)