The Q2 2026 trend report from AhnLab ASEC documents a significant expansion of attack surfaces into AI stacks, identity infrastructure, and public-facing applications. CISA KEV listings rose 27% year-over-year to 75 entries, with ransomware-linked vulnerabilities nearly doubling. Notable developments include prompt injection-to-RCE chains in Microsoft Semantic Kernel, data exfiltration via M365 Copilot Enterprise (SearchLeak), three Microsoft Defender zero-days used for telemetry evasion, and continued AI supply chain attacks via malicious skills. The report recommends shifting from signature-based to behavior-based detection and implementing ITDR, conditional access, and AI-specific input validation controls.