TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Infosecurity Magazine

Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds

2026-03-10 · Read original ↗

ATT&CK techniques detected

4 predictions
T1190Exploit Public-Facing Application
89%
“9 % observed during the first half of the year. in comparison, abuse of weak or absent credentials as an entry point dropped from 47. 1 % in the first half of the year, down to 27. 2 % in the second half. react2shell top targeted vulnerability one of the most commonly software vu…”
T1190Exploit Public-Facing Application
69%
“secure data, and automated posture enforcement, ” said google. according to the report, the window between vulnerability disclosure and mass exploitation collapsed by “ an order of magnitude ” from weeks to just days. ultimately, if organizations haven ’ t patched vulnerabilities…”
T1078.004Cloud Accounts
64%
“cloud attackers now prefer vulnerability exploits over credentials, google cloud finds google cloud has warned that threat actors targeting cloud environments now favor campaigns which gain initial access by exploiting software vulnerabilities over credential - based attacks. pub…”
T1588.006Vulnerabilities
45%
“secure data, and automated posture enforcement, ” said google. according to the report, the window between vulnerability disclosure and mass exploitation collapsed by “ an order of magnitude ” from weeks to just days. ultimately, if organizations haven ’ t patched vulnerabilities…”

Summary

Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell