The Q1 2026 Exploit Surge: AI Discovers the Flaws, APTs Reap the Rewards

The first quarter of 2026 has set a blistering and volatile pace for the cybersecurity industry, marked by a massive surge in vulnerability disclosures and highly sophisticated exploitation chains. According to a comprehensive new intelligence report from Kaspersky Labs, the digital battlefield is expanding rapidly. Threat actors are aggressively updating their exploit kits to target user systems, incorporating fresh exploits aimed at the Microsoft Office platform, as well as Windows and Linux operating systems.

As network defenders struggle to patch legacy systems, a new variable has entered the equation: Artificial Intelligence. AI is not only accelerating the discovery of critical flaws but has also become a prime target itself.

The sheer volume of registered Common Vulnerabilities and Exposures (CVEs) is breaking previous records. As the researchers note: “We observe that the registration of vulnerabilities is steadily gaining momentum in Q1 2026, a trend driven by the widespread development of AI tools designed to identify security flaws across various software types”.

While the volume of critical vulnerabilities (CVSS > 8.9) showed a slight decrease compared to previous years, an upward trajectory remains distinctly visible. This sustained growth is fueled by high-profile architectural failures like React2Shell, the proliferation of exploit frameworks aimed at mobile platforms, and the discovery of secondary vulnerabilities exposed during the patching of older flaws.

However, AI frameworks themselves are increasingly falling victim to critical logic flaws. Several notable AI-centric vulnerabilities defined the Q1 threat landscape:

• Clawdbot (CVE-2026-25253): A vulnerability in the OpenClaw AI agent causes it to leak authentication tokens when queried via the WebSocket protocol. Exploitation allows attackers to access local system data and execute commands with elevated privileges. The danger is amplified by active attack scenarios utilizing prompt injections and ClickFix techniques to install stealers.
• LangChain (CVE-2026-34070): This open-source framework, heavily used for building Large Language Model (LLM) applications, suffered a directory traversal vulnerability due to insecure configuration file handling in langchain_core/prompts/loading.py. This flaw allowed attackers to access arbitrary files and expose sensitive data within the LLM’s hosting infrastructure.
• OpenCode (CVE-2026-22812): This AI-assisted coding software contained a default configuration that provided local access to an unauthenticated HTTP server, allowing attackers to execute malicious commands with the current user’s privileges.

Despite the influx of zero-days, threat actors continue to rely heavily on reliable, veteran vulnerabilities to gain initial access and escalate privileges on Windows systems. Historic Microsoft Office vulnerabilities—such as the Equation Editor flaws CVE-2018-0802 and CVE-2017-11882, alongside CVE-2017-0199—consistently account for the largest share of detections.

However, Q1 2026 introduced a devastating new attack chain targeting Windows components. Advanced Persistent Threat (APT) groups combined three specific logic flaws into a single, unified exploit:

• CVE-2026-21509 and CVE-2026-21514: Security feature bypass vulnerabilities in Microsoft Office that allow specially crafted files to execute malicious code seamlessly, even when Protected View is strictly enabled.
• CVE-2026-21513: A vulnerability residing in the Internet Explorer MSHTML engine. By utilizing a malicious LNK file as a data provider, attackers successfully bypassed rules designed to restrict the execution of files from untrusted network sources.

While this specific three-part chain was highly effective, Kaspersky researchers anticipate that “the widespread use of the entire chain as a unified exploit will likely decline due to its instability,” predicting that these flaws will eventually be decoupled and used individually in targeted phishing campaigns.

On the Linux front, administrators face a continued assault from known privilege escalation vectors. Detections primarily focused on veteran exploits like the infamous Dirty Pipe (CVE-2022-0847), alongside CVE-2019-13272 and the kernel subsystem vulnerability CVE-2021-22555. While the raw number of detected Linux exploits slightly decreased in Q1, the overall detection rates represent a year-over-year increase, making aggressive patch management a critical priority.

The operational infrastructure utilized by APT groups has also shifted. According to the report’s analysis of Command and Control (C2) frameworks, “Metasploit has returned to the top of the list of the most common C2 frameworks, displacing Sliver, which now shares the second position with Havoc”. Covenant and Mythic rounded out the top five most utilized post-compromise toolkits.

To deploy these C2 agents, attackers heavily targeted edge networking devices, remote access systems, and web applications. High-value exploitation targets included:

• BeyondTrust (CVE-2024-12356 & CVE-2026-1731): Command injection vulnerabilities allowing unauthenticated attackers to send malicious commands.
• Apache ActiveMQ (CVE-2023-46604): An insecure deserialization flaw leading to arbitrary code execution.
• Microsoft SharePoint (CVE-2025-53770): An unauthenticated command execution vulnerability stemming from insecure deserialization.

The data highlights a deliberate tactical pivot: “Notably, the majority of these security issues are targeted to bypass authentication mechanisms. This is likely due to the fact that C2 agents are being detected effectively, prompting threat actors to reduce the probability of discovery by utilizing bypass exploits”.

The first quarter of 2026 paints a complex picture of an industry under heavy, automated siege. As AI continues to democratize vulnerability research, both defenders and attackers are operating at unprecedented speeds.

“This trajectory is likely to result not only in a higher volume of registered vulnerabilities but also in an increase in exploit-driven attacks, further reinforcing the critical necessity of timely security patch deployment,” the report concludes.