INDUSTRIALIZED cybercrime is accelerating attacks through AI, automation and rapid data sharing, with defenders urged to match pace using similarly swift defensive tools. FortiGuard’s Global Threat Landscape Report notes that time-to-exploit has collapsed from nearly a week to 24–48 hours for most critical vulnerabilities, and in some cases exploitation begins within hours of public disclosure, a trend described as evidence that hours or minutes may become the norm.
The report highlights AI-enabled tools such as FraudGPT, WormGPT, HexStrike AI, APEX AI and BruteForceAI that act as force multipliers, enabling phishing, code generation and social engineering at machine speed. It also reveals that 656 vulnerabilities were actively discussed on the darknet in 2025, with 344 having publicly available PoC exploit code, 176 with working exploit code and 149 with both PoC and working exploit code.
The analysis cites that the most targeted areas include the US with 3,381 victims and a total of 7,831 ransomware victims globally in 2025. According to FortiGuard, as AI accelerates reconnaissance, weaponization and execution, the industry is already seeing early signs that exploitation can occur within hours of disclosure.