In Q1 2026, vulnerability registrations continued to rise, heavily influenced by AI-assisted discovery tools. Threat actors and APT groups actively exploited a mix of legacy and newly discovered vulnerabilities across Windows, Linux, and Microsoft Office, frequently utilizing C2 frameworks like Metasploit and Sliver to bypass authentication and gain initial access.