
A May 2026 Mandiant survey finds attackers using automation and AI to speed intrusion workflows, forcing defenders to operate at machine pace.
Mandiant, now part of Google Cloud, reports in a May 2026 enterprise security survey that attackers are using automation and AI to compress intrusion timelines dramatically: the average time for a criminal handoff (from initial access to a second‑stage operator) fell from more than eight hours in 2022 to roughly 22 seconds in 2025, and the mean time to exploit a zero‑day before vendors issue a patch has dropped to about seven days. That speed shift turns many breaches into machine‑vs‑machine contests and tightens the response times defenders must meet.
The report describes a division‑of‑labor model in which one group uses low‑impact methods — malicious ads, fake browser updates — to gain initial access and immediately hands targets off to second‑stage operators for hands‑on exploitation. Mandiant’s data show this handoff process has collapsed into seconds, enabling specialized attackers to scale operations and reduce the window for detection and containment.
Mandiant separates intruders into two operational profiles: financially motivated cybercriminals that favor rapid monetization techniques such as ransomware and denial of recovery, and espionage teams that prioritize long‑term stealth and persistence. The firm observed attacks against more than 16 industry verticals, with the high‑tech sector accounting for about 17% of incidents and financial services about 14.6%. Overall average dwell time across incidents is 14 days, while espionage incidents have a median dwell of 122 days.
Attack vectors are shifting under automation. Nearly one‑third of detected intrusions stem from technical exploits, while the second‑most common vector is highly interactive, voice‑based social engineering aimed at IT help desks to bypass multifactor authentication and gain initial access to SaaS environments. Mandiant stresses that operators are combining technical exploits with social‑engineering chains to shorten timelines and increase success rates.
The survey documents adversaries weaponizing AI across reconnaissance, social engineering and malware development. A cited example, the QUIETVAULT credential stealer, was observed checking compromised machines for AI command‑line tools so it could execute predefined prompts. After initial access, attackers increasingly use AI to scale reconnaissance and automate lateral movement and post‑exploitation steps.
For builders and security teams the implications are concrete: defensive timelines are compressed, so patch management, detection engineering and incident response must move at machine speed; network architecture and trust boundaries should be reassessed to limit rapid handoffs and persistent footholds; and human‑facing controls — help desk workflows, MFA processes and SaaS account hygiene — require special hardening given their elevated use as attack vectors.