- AI-powered hackers now exploit software flaws faster than companies can patch systems
- Mobile phishing scams now outperform traditional email attacks across corporate environments worldwide
- Unauthorized AI tools are quietly leaking sensitive company information across global workplaces
For the first time in nearly two decades, exploiting software vulnerabilities has overtaken stolen passwords as the primary way hackers breach corporate networks.
Verizon’s 2026 Data Breach Investigations Report claims the exploitation of vulnerabilities now accounts for 31% of all confirmed data breaches.
Stolen credentials, once the dominant entry point, have dropped to just 13% of reported incidents this year.
Vulnerability exploitation has become the number one threat
The report analyzed over 31,000 security incidents across 145 countries, revealing how the threat landscape has fundamentally shifted.
Attackers are leveraging artificial intelligence to accelerate the discovery and weaponization of known software flaws, which dramatically shrinks the window available for defenders to patch their systems, reducing response time from months to mere hours.
Despite this growing risk, the report found that only 26% of critical vulnerabilities were fully remediated throughout 2025.
The median time organizations took to apply patches jumped to 43 days, leaving networks exposed for weeks or even months.
“While the velocity of cyber threats driven by AI is increasing, the foundational principles of security remain the most effective defense,” said Daniel Lawson, SVP of Global Solutions at Verizon Business.
Ransomware was present in nearly half of all breaches, at 48%, up from 44% the previous year.
However, the report noted that ransom payments have declined, with 69% of victims refusing to pay.
Mobile devices have become a more dangerous attack vector than email, with phishing simulations showing that text messages and voice calls achieve 40% higher click rates than traditional email phishing.
The human element was still involved in 62% of all breaches, as attackers increasingly target mobile-centric communication channels where users are less suspicious.
Nearly half of all employees, or 45%, now use AI tools at work, representing a significant increase from just 15% the previous year.
But 67% of these workers access artificial intelligence platforms through unauthorized personal accounts rather than approved corporate channels.
Shadow AI has become the third most common cause of non-malicious data leakage, putting company secrets at significant risk of unintended exposure.
Supply chain attacks have also grown substantially, with third-party involvement in breaches increasing by 60% year-over-year.
The DBIR makes it clear that attackers have shifted their tactics, and most organizations have not kept pace with the speed of modern threat actors.
The fundamentals of security and the use of firewalls or malware removal tools still work, but they only work when organizations actually practice them consistently.
Organizations are advised to patch faster, monitor mobile channels, control AI usage, and assume that third parties will eventually be compromised.
The attackers are already acting on that assumption, and the DBIR numbers prove they are right more often than they are wrong.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
