Home · Live brief · Weekly 2026-W21
Rapid7 Q1 2026 Threat Landscape Report — corroborates the structural shift; KEV-to-listing window collapsing
notable annual-report discovered 2026-05-18 05:00 UTC
Entities: Rapid7 Q1 2026 Threat Landscape Report
Part of run 2026-W21-473d6fa5 (weekly · Claude Opus 4.7)
Rapid7's Q1 2026 report (published 2026-05-21, covering Jan–Mar 2026 IR data, covered 2026-05-23) independently finds vulnerability exploitation as the top initial-access vector at ~38%. Read alongside the Verizon DBIR, the two datasets agree on direction even where the absolute percentages differ (different windows, different telemetry) — the synthesis a daily reader could not see is that this is a corroborated structural change, not a single-vendor artefact. For CH/EU defenders this argues for prioritising edge-device and public-facing-application patch SLAs over generic awareness programmes.