U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026

Q1 2026 threat intelligence report covering the U.S. public sector cyber threat landscape. Key developments include Salt Typhoon (China-linked) breaching congressional committee emails with operations confirmed ongoing by the FBI, record data exposure in education ransomware attacks (3.9M records, 27% increase), state DHS breaches in Illinois and Minnesota due to configuration failures, and a supply chain attack on Anchorage Police. AI-enhanced ransomware is accelerating, with agentic AI now automating reconnaissance, victim prioritization, and ransom negotiation. Critical CVEs in Fortinet, Cisco, and VMware products are being actively exploited against government infrastructure. Priority actions include patching internet-facing devices, enforcing MFA, conducting third-party security assessments, and deploying behavioral detection. The post promotes Trend Micro's TrendAI Vision One platform as the recommended solution.