// #threat-landscape
3 articles
Q2 2026 Enterprise Threat Landscape: Unprecedented Vulnerability Density and What It Means for Security Programmes
Q2 2026 (AprilβJune) has produced more simultaneous high-severity vulnerabilities in enterprise-critical infrastructure than any comparable period in recent years. Netlogon CVSS 9.8, three CVSS 10.0 in UniFi OS, AMD microarchitecture flaws, Linux kernel LPEs, and two Citrix exploitation waves β analysing the pattern reveals structural implications for how enterprises manage vulnerability risk.
Fortinet 2026 Global Threat Landscape: Ransomware Victims Up 389% Year-over-Year, AI Crime Industrialising
Fortinet's 2026 Global Threat Landscape Report documents 7,831 confirmed ransomware victims in 2025 β a 389% increase over 2024's approximately 1,600 β alongside the first systematic evidence of AI-enabled cybercrime tooling (WormGPT, FraudGPT, BruteForceAI) being used at scale. Manufacturing, business services, and retail are the hardest-hit sectors. The report reframes the threat environment as fundamentally changed, not merely intensified.
Anthropic's Claude Mythos AI Discovers Thousands of Zero-Days Across Every Major OS β Project Glasswing Offers Private Access
Anthropic's specialised vulnerability-hunting AI, Claude Mythos, has systematically discovered thousands of zero-day vulnerabilities across Windows, macOS, Linux, and major browsers β including a 17-year-old NFS RCE in FreeBSD and a 27-year-old OpenBSD denial-of-service. Project Glasswing provides private early access to Microsoft, Google, Apple, and select others. The implications for enterprise risk governance are immediate.