Q1 2026 Attack Technique Trends Report

Q1 2026 overview: attackers increasingly combine generative AI, automation, credential-based access, and exploitation of trusted supply‑chain and SaaS integrations to conduct scalable, identity-centric intrusions and evade defenses; the report highlights practical risks and defensive recommendations and cites specific cases — a gaming anti-cheat driver zero‑day (CVE-2025-61155) used against FortiEDR and an attack abusing a legitimate updater to kill EDR — underscoring the need to strengthen detection, identity protections, and supply‑chain controls.