Attackers on average have been enjoying slightly more than six days to exploit an unmitigated vulnerability before security teams resolve it, despite research continuing to demonstrate how hackers begin exploiting flaws within hours – or even minutes – of a new security alert being disclosed, researchers warned.

That time lag between a new vulnerability coming to light and when defenders lock it down is particularly problematic in the cloud, said Palo Alto’s Unit 42 threat intelligence group. In particular, Unit 42 researchers have found that threat actors are becoming more adept at exploiting not just unpatched vulnerabilities, but also more common, everyday issues such as weak credentials and lack of authentication.