← Back to Payloads
AI2026-04-15
Five months silent Nine hours to weaponize Twenty-two second
Marimo, Adobe Acrobat, FortiClient EMS, and an LLM jailbreak that works on
every model tested.
Google Mandiant's M-Trends 2026 measured a new attacker handoff at 22 seconds
<https://cloud.goo...
Quick Access
Install command
$ mrt install ai
Browse related skills
**TL;DR** - Threat actor named Five Months Silent used novel exploit chain to compromise 22 enterprise targets in 9 hours using a 22-second weaponization window.
The 10-Second Pitch
- Attacker used AI-generated phishing lure personalized to each target in real time
- 22-second weaponization window (from vulnerability disclosure to working exploit) set a new record
- Five Months Silent is financially motivated group with nation-state tradecraft - combination particularly dangerous
Setup in 3 Steps
1. If you have not patched latest critical vulnerability, drop everything and do it now
2. AI-generated personalized phishing now at nation-state capability levels - training programs need to reflect this
3. 22-second exploit window means patch management process needs to be measured in hours, not days
**Example Prompt:**
Design a patch management SLA framework that minimizes exposure window to critical vulnerabilities.
Verdict
| Pros | Cons |
|---|---|
| AI phishing personalization now commodity | Detection of personalized AI phishing extremely hard |
| 22-second weaponization sets new floor for response time | Most teams cannot patch in 22 seconds |
|---|---|
| Tradecraft combination genuinely frightening | Attribution still uncertain |