Mandiant (Google) recently dropped their M-Trends 2026 Report while we were out at RSAC. I recently wrote a deep dive of the report, with key takeaways and insights, but I know some prefer video, so I put this together as well.
Interested in sponsoring an issue of Resilient Cyber?
This includes reaching over 31,000 subscribers, ranging from Developers, Engineers, Architects, CISO’s/Security Leaders and Business Executives
Reach out below!
In this video, we cut through the noise and focus on what actually matters:
Why exploits remain the #1 initial access vector (for the 6th year straight)
The sharp rise of voice phishing (vishing) now the 2 entry point
Why email phishing is declining faster than expected
The truth behind increased dwell time and why it’s misunderstood
How internal detection is quietly improving
Long-term persistence of state-sponsored actors on edge devices
Cloud-specific attack trends that shift the usual narrative
DPRK IT worker campaigns operating at scale
The growing role of AI in social engineering and “vibe coding” risks
This isn’t just a summary it’s a breakdown of what’s driving these trends, where defenders are still blind, and what security leaders need to rethink right now.
If you want my full deep dive breakdown, check it out “M-Trends 2026: What 450,000 Hours of Incident Response Tells Us”.
And of course, for those who prefer the full report from Google/Mandiant: M-Trends 2026 Report: Real-world investigations and actionable defense insights
If you’re in cybersecurity, threat intelligence, or leadership this is essential viewing.
