APT // MODERN VECTORS
How advanced persistent threats have redrawn the kill chain: from the inbox to the edge appliance, from the binary to the borrowed key.
How advanced persistent threats have redrawn the kill chain: from the inbox to the edge appliance, from the binary to the borrowed key.
An APT is defined by behavior and intent — prolonged, stealthy, objective-driven access — rather than by any single tool (CyberDefenders, 2026). What has changed is where adversaries enter and how they remain invisible. According to Unit 42's 2026 research, spear-phishing and vulnerability exploitation are now effectively tied as the leading initial-access vectors at roughly 22% each (Vectra, 2026), a notable rebalancing away from the long-assumed dominance of phishing.
Kaspersky reported that a quarter of organizations worldwide were affected by APT activity in a recent twelve-month window, accounting for 43% of all high-severity incidents (BlackFog, 2026). The following sections survey the vectors driving that impact.
The single most consequential shift is the targeting of internet-facing edge infrastructure — VPNs, firewalls, routers, and gateways. These devices are externally exposed, often unmonitored by endpoint detection, and grant a privileged network position upon compromise.
The China-linked Salt Typhoon campaign (also tracked as GhostEmperor, Earth Estries, RedMike) exemplifies the pattern, breaching on the order of 600 organizations across more than 80 countries by exploiting exposed appliances from Cisco (CVE-2018-0171, CVE-2023-20198, CVE-2023-20273), Ivanti (CVE-2023-46805, CVE-2024-21887), and Palo Alto Networks (CVE-2024-3400) (The Hacker News, 2025; Darktrace, 2025). Persistence was maintained by altering access-control lists, opening ports, staging tooling inside an on-box Linux container on Cisco devices, and abusing TACACS+ to move laterally while capturing credential-bearing traffic. Volt Typhoon has similarly leaned on Fortinet FortiOS, Ivanti Connect Secure, Citrix NetScaler, and Versa Director (NJCCIC, 2026).
Crucially, adversaries increasingly weaponize these flaws as zero-days — before the vendor discloses or patches them. Amazon traced exploitation of a Cisco identity-service flaw (CVE-2025-20337) and a Citrix defect to a period weeks ahead of public disclosure (CyberScoop, 2025). In 2026, a likely state-sponsored group exploited an unauthenticated remote-code-execution zero-day in Palo Alto firewalls (CVE-2026-0300), relying on open-source tooling rather than custom malware to minimize signature-based detection (SecurityWeek, 2026).
Where a network position is not the entry point, a credential usually is. Initial access overwhelmingly begins with stolen credentials: infostealers harvest browser-stored passwords and session cookies at scale, and adversaries abuse trusted managed-service-provider relationships to pivot from a provider into downstream client networks (N-able, 2026).
Session-token theft is especially corrosive because it can sidestep multi-factor authentication entirely. The emergence of non-human and agentic identities further expands this surface — 48% of professionals surveyed ranked agentic AI as the top attack vector for 2026 (Vectra, 2026).
Supply-chain intrusion has matured from generic update poisoning into what practitioners describe as Supply Chain 2.0 — abuse of compromised code-signing to make malicious artifacts appear trusted (LNXnetwork, 2026). Silk Typhoon illustrates the IT-supply-chain angle, exploiting an Ivanti flaw (CVE-2025-0282) and targeting infrastructure providers including Ivanti, Citrix, Palo Alto, and Microsoft to reach many downstream victims at once (Eclypsium, 2026). In cloud and container ecosystems, poisoned container images and multi-cloud misconfigurations provide analogous one-to-many leverage (Trend Micro, 2026).
Once inside, modern APTs minimize their forensic footprint by living off the land (LOTL): using legitimate, pre-installed utilities — PowerShell, WMI, PsExec, and authorized remote-monitoring tools — so that malicious actions are statistically indistinguishable from routine administration (CyberDefenders, 2026; N-able, 2026). Signature-based detection cannot separate this activity from sanctioned work, which is why behavioral analytics and threat hunting have become essential (BlackFog, 2026).
Persistence is increasingly pushed below the operating system. Reporting describes hypervisor- and firmware-level rootkits that operate beneath traditional security tooling and remain practically undetectable, with one documented campaign sustaining access for eighteen months via LOTL and covert command-and-control hidden in legitimate traffic (LNXnetwork, 2026).
Artificial intelligence is now woven through the kill chain rather than bolted onto it. ENISA's 2025 reporting indicates more than 80% of phishing campaigns incorporate AI-generated content (Vectra, 2026), and deepfake-driven social engineering enables highly personalized lures at scale (LNXnetwork, 2026).
APT36 has been characterized as the first documented nation-state actor to use AI as a "malware assembly line," accelerating production of polymorphic variants (Vectra, 2026). Forward-looking analysis anticipates AI-powered LOTL, in which models generate commands engineered to mimic legitimate activity and evade behavioral detection (Trend Micro, 2026).
The unifying theme is the erosion of the signature and the perimeter alike. When the entry point is a zero-day in an edge appliance, the credential is valid, the binary is a native Windows tool, and the lure is machine-generated, legacy detection has little to grip. The defensive center of gravity correspondingly shifts toward identity-first Zero-Trust enforcement, behavioral and pre-execution analytics, prioritized patching of edge devices, and continuous hunting rather than alert-only monitoring (BlackFog, 2026; CyberDefenders, 2026).