Ransomware and Vulnerability Exploitation Surge Amid Geopolitical Tensions

In Q1 2026 attackers increasingly exploited zero-click, network-facing vulnerabilities (38% of initial access), with state-aligned groups targeting critical infrastructure amid geopolitical tensions; ransomware activity shifted toward pure extortion and data theft while law-enforcement disruption of marketplaces fragmented criminal ecosystems, prompting recommendations for continuous vulnerability management and enhanced exfiltration monitoring.