Cybercriminals are increasingly evading companies’ traditional detection capabilities by weaponizing AI and trusted systems to get quicker and wider access inside businesses, according to a new report. Adversaries are mimicking authorized activity inside businesses’ systems, which makes it harder for companies to identify intrusions, according to CrowdStrike’s 2026 Global Threat Report. Cloud infrastructure, specifically, has become a go-to entry point, with a jump in state-related threat actors targeting cloud environments last year. The 2025 analysis released Tuesday found cyber attackers are also moving faster: it took them 29 minutes last year to move from one system to another, known as the breakout time, compared to 48 minutes in 2024. “Defenders have to work nearly twice as hard as they did two years ago,” said Adam Meyers, CrowdStrike’s senior VP of Counter Adversary Operations, during a press briefing.

Full report : Cybercriminals are increasingly evading companies’ traditional detection capabilities by weaponizing AI.