- AI-powered hackers now exploit software flaws faster than companies can patch systems
- Mobile Phishing Scams Now Outpace Traditional Email Attacks in Corporate Environments Worldwide
- Rogue AI tools are quietly leaking sensitive company information into workplaces around the world.
For the first time in nearly two decades, exploiting software vulnerabilities has overtaken stolen passwords as the top way hackers breach corporate networks.
Verizon’s 2026 Data Breach Investigations Report states that vulnerability exploitation now accounts for 31% of all confirmed data breaches.
Credential theft, once the dominant entry point, has dropped to just 13% of reported incidents this year.
Vulnerability exploitation has become the number one threat.
The report analyzed more than 31,000 security incidents in 145 countries, revealing how the threat landscape has fundamentally changed.
Attackers are leveraging artificial intelligence to accelerate the discovery and weaponization of software flaws, dramatically reducing the window available for defenders to patch their systems, reducing response time from months to mere hours.
Despite this growing risk, the report found that only 26% of critical vulnerabilities were fully remediated throughout 2025.
The average time it took organizations to apply patches increased to 43 days, leaving networks exposed for weeks or even months.
“While the speed of AI-driven cyber threats is increasing, fundamental security principles remain the most effective defense,” said Daniel Lawson, senior vice president of Global Solutions at Verizon Business.
Ransomware was present in almost half of all breaches, at 48%, up from 44% the previous year.
However, the report noted that ransom payments have decreased with 69% of victims refusing to pay.
Mobile devices have become a more dangerous attack vector than email; Phishing simulations show that text messages and voice calls achieve 40% higher click-through rates than traditional email phishing.
The human element was still involved in 62% of all breaches, as attackers increasingly target mobile-centric communication channels where users are less suspicious.
Nearly half of all employees, or 45%, now use AI tools at work, which is a significant increase from just 15% the previous year.
But 67% of these workers access AI platforms through unauthorized personal accounts rather than approved corporate channels.
Shadow AI has become the third most common cause of non-malicious data breaches, exposing company secrets to significant risk of unintentional exposure.
Supply chain attacks have also increased substantially, with third-party involvement in breaches increasing 60% year over year.
The DBIR makes clear that attackers have changed their tactics and most organizations have not kept pace with modern threat actors.
Security fundamentals and using firewalls or malware removal tools still work, but they only work when organizations actually practice them consistently.
Organizations are advised to deploy patches faster, monitor mobile channels, monitor the use of AI, and assume that third parties will eventually be compromised.
Attackers are already acting on that assumption, and DBIR figures show they are right more often than wrong.
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
