A report said global ransomware damage surged in a year and the nature of cyber threats is being reorganized around speed.
According to the 2026 Global Threat Landscape Report released by global security corporations Fortinet on the 6th, the number of ransomware incidents worldwide last year totaled 7,831, up 389% from the previous year. The industries hit hardest were manufacturing (1,284 cases), business services (824), and retail (682). Exploitation intrusions that abused vulnerabilities also rose about 25% year over year to roughly 1,219 cases.
In particular, as adoption of artificial intelligence (AI) spreads rapidly, the speed of threats has accelerated, with attacks beginning as soon as vulnerabilities are disclosed. According to FortiGuard Labs, Fortinet's threat intelligence organization, the time from disclosure to the first attack attempt has shrunk to an average of 24–48 hours.
That is less than half compared with the previous report's average of 4.76 days. In fact, for the remote code execution (RCE) vulnerability "React2Shell," attempts to attack were made within hours of disclosure.
Meanwhile, Fortinet is also working to block global cybercrime by collecting and sharing threat intelligence. Fortinet is using open-source intelligence to map cybercrime networks, identify infrastructure weaknesses, and support joint takedown operations by law enforcement agencies.
Derek Manky, Fortinet's vice president of global threat intelligence, said, "This report shows that malicious actors have begun using agentic AI to carry out more sophisticated attacks," adding, "Cyber defenders must shift security operations to an industrialized defense system and adopt AI-based tools that respond to the latest threats at the same speed."