The Managed XDR Global Threat Report

90% of ransomware incidents exploit firewalls through a CVE or a vulnerable account.

The fastest ransomware case observed, involving Akira ransomware, takes just three hours from breach to encryption.

11% of detected vulnerabilities have a known exploit.

The most widely detected vulnerability is CVE-2013-2566, which dates to 2013.

66% of incidents involve the supply chain or a third party, up from 45% in 2024.

96% of incidents involving lateral movement end with the release of ransomware.