Cyber risk spikes for landlords

CrowdStrike’s 2026 Global Threat Report found AI‑enabled attacks surged 89% and reported an average eCrime “breakout time” of 29 minutes in 2025, compressing the window defenders have to contain intrusions. (crowdstrike.com) Rapid7’s 2026 threat analysis recorded a 105% year‑over‑year rise in exploited high‑ and critical‑severity vulnerabilities, from 71 in 2024 to 146 in 2025, and warned exploit timelines are collapsing to days. (rapid7.com) The U.S. National Vulnerability Database experienced a major API outage on January 27, 2026, and cybersecurity vendors have repeatedly flagged NVD processing backlogs that leave published CVEs without timely analysis. (patchcast.instatus.com) The CVE program narrowly avoided a shutdown after the April 16, 2025 contract extension for MITRE’s role, prompting international efforts to build decentralised alternatives such as the EU‑backed GCVE. (cyberscoop.com) GCVE publicly launched db.gcve.eu in January 2026 as an open vulnerability advisory database aggregating data from more than 25 public sources and a decentralized numbering model for vulnerability identifiers. (gcve.eu) IBM X‑Force reported a 44% increase in attacks that began with exploitation of public‑facing applications in 2025, a pattern that directly threatens tenant portals, lease‑management APIs and other externally accessible landlord systems. (newsroom.ibm.com) FIRST’s 2026 vulnerability forecast projected a median of about 59,427 CVEs for 2026 — the first year expected to exceed 50,000 published vulnerabilities — increasing pressure on prioritisation and patch workflows. (first.org) Ransomware trackers show the U.S. had 7,816 victims recorded on national maps, underscoring that operational disruption and data seizure remain high‑frequency risks that can directly interrupt leasing operations and tenant services. (ransomware.live)