Speed, Stealth, and AI: The CrowdStrike 2026 Global Threat Report

It’s that time of year: The CrowdStrike 2026 Global Threat Report is live, and Adam and Cristian are here to break down the key findings. This year’s report spotlights adversaries’ heightened speed, their evolving use of AI, an increase in activity from China and North Korea, and the growth of supply chain attacks, zero-day exploitation, and cloud targeting.

For new listeners, the annual Global Threat Report delivers an analysis of the modern threat landscape based on CrowdStrike's frontline observations and real-world threat intelligence from the previous year.

2026 was the year of the evasive adversary. As defenses get stronger, adversaries are focused on refining their techniques to target security blind spots and bypass detection. AI is helping them accelerate and find creative ways around defenses for hands-on-keyboard operations. In 2025, AI-enabled adversaries increased attacks by 89% year-over-year.

The trend is poised to continue: “I don’t think AI is going to create the malware — I think AI is going to be the malware,” Adam said.

But AI isn’t the only factor shaping the modern threat landscape. Below are a few key stats from the report:

• The average eCrime breakout time fell to 29 minutes — a 65% increase in speed from 2024. The fastest breakout we observed occurred in just 27 seconds.
• 82% of detections were malware-free, continuing a steady trend in recent years.
• North Korea-nexus incidents jumped 130%, and FAMOUS CHOLLIMA's activity doubled compared to 2024.
• We observed a 42% increase in vulnerabilities exploited prior to public disclosure and a 37% rise in cloud-conscious intrusions.

Tune in to learn about these findings and more from the CrowdStrike 2026 Global Threat Report.