CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 16, 2026

Vulnerability exploitation top breach entry point, 2026 industry-wide DBIR finds - Verizon

Verizon Archived Jun 16, 2026 ✓ Full text saved

Vulnerability exploitation top breach entry point, 2026 industry-wide DBIR finds Verizon

Full text archived locally
✦ AI Summary · Claude Sonnet


    Accessibility Resource Center Skip to main content About Us Careers Support About Us News Responsibility Investors end of navigation menu Get email updates with the latest stories, insights, and news from Verizon. Sign up for Verizon News Alerts Vulnerability exploitation top breach entry point, 2026 industry-wide DBIR finds The 19th edition of the Data Breach Investigations Report (DBIR) confirms AI-driven speed as a new challenge, pushing security strategy toward fundamental resilience. Download 2026 DBIR Media contact: Carlos Arcila Published May 19, 2026 At a glance Vulnerabilities top entry point: Using software flaws (31%) has surpassed stolen credentials for the first time, with AI accelerating attacks from months to hours. New human & AI risks: Mobile social engineering success is up 40%, while employee use of unapproved “shadow AI” tripled to 45%, spiking data leakage. Expanding attack surfaces: Third-party supply chain breaches jumped 60% (now 48% of total), while AI bot traffic is growing 21% month-over-month. NEW YORK, NY—Verizon published the annual Data Breach Investigations Report (DBIR) today, which shows how Artificial Intelligence (AI) is impacting the cyber threat landscape as a whole. Although this report uses 2025 data—predating the latest frontier model advancements—the trends are clear: AI is fundamentally reshaping the cybersecurity industry. And at the same time that AI-detected vulnerabilities are in the news, for the first time in 19 years of the DBIR being published, exploiting vulnerabilities has surpassed stolen credentials to become the number one breach entry point.  Key findings: Nearly a third (31%) of all breaches start with vulnerability exploitation in an AI world: This is the first time in 19 years that it has surpassed stolen credentials as the biggest point of entry. Further, AI is being leveraged by threat actors to accelerate the time to exploit known vulnerabilities, shrinking the window for defense from months to mere hours.  Interactive, conversational attacks on mobile are on the rise: In terms of the “Human Element” risk of cybersecurity, as people get more savvy about traditional email phishing, threat actors are pivoting to mobile-centric social engineering (fake text messages and voice calls) with a success rate 40% higher than traditional email phishing.   More employees now use ‘shadow AI’ at work, risking company secrets: Shadow AI, referring to employees using unapproved AI tools at work, is now the third most common non-malicious data leakage related activity. Frequent usage of AI tools by employees has surged from 15% to 45% of employees in a single year, highlighting an elevated risk of data exfiltration associated with unapproved platforms.  Supply chains get riskier as third-party involvement in breaches is up 60%: As companies rely more heavily on external vendors, threat actors are exploiting those vulnerabilities, with breaches involving a third party now accounting for 48% of all breaches.  AI Bots are the next frontier: AI Bot Internet Crawlers are experiencing a massive 21% month-over-month growth compared to entirely flat (0.3%) human-led traffic growth, showing where the next set of threats could come from. What it means:  The rapid weaponization of known vulnerabilities by AI can create a capacity crisis for security teams, underscoring the urgent need to prioritize fundamental security and risk management practices. In response, the DBIR is providing Chief Information Security Officers (CISOs) and cybersecurity professionals with actionable, resilient recommendations tailored with today’s AI environment in mind throughout the report. These include preparing for an influx of patches as AI identifies software flaws at an accelerating rate, integrating AI into ’secure by design’ frameworks, and leveraging AI within defense-in-depth strategies to minimize the total attack surface. “While the velocity of cyber threats—driven by AI and faster vulnerability exploitation—is increasing, the foundational principles of security and strong risk management remain the most effective defense,” said Daniel Lawson, SVP Global Solutions, Verizon Business. “The DBIR reinforces that these fundamentals still hold as organizations strive for resilience.” Download the full 2026 DBIR and review industry specific information on Verizon’s website Published May 19, 2026 Media Contact Carlos Arcila 908-202-0479 Carlos.Arcila@verizon.com Categories: Networks & platforms Network solutions for business Tags: Cybersecurity Continue reading The new 465 area code is coming to the 347/718/917/929 area code region in New York New York is getting a new 465 area code starting June 18, 2026. This overlay joins 347, 718, 917, and 929. Learn how this change impacts calls and local dialing in the NYC boroughs. 7 days ago in Building the future Verizon named a leader in Gartner® Magic Quadrant™ IoT report, marking third recognition after Private Network, Global WAN reports Verizon named a Leader in this year’s Gartner Magic Quadrant for Managed IoT Connectivity Services, following the same recognition in 4G and 5G Private Mobile Services and Global WAN services 25 days ago in Network solutions for business Beyond the track: How Verizon is powering your Indy 500 experience Verizon overhauled the Indy 500 network for a seamless fan experience, providing instant app response, fast entry, and pro-level 5G speeds for all your sharing and streaming. 26 days ago in 5G technology Services & Solutions Verizon.com Mobile Plans Mobile Devices Home Services Small and Medium Business Enterprise Solutions Verizon Connect Public Sector Partner Solutions Support Mobile Online Support Home Online Support Contact Customer Support Sign in to your Account Store Locator Account Security & Fraud Claims Accessibility News Alerts Signup Innovation Innovation Labs Verizon Ventures Network Technologies Fiber Optics Multi-Access Edge Compute (MEC) Careers Welcome to the #VTeamLife Life at Verizon Our Culture Search Open Roles Careers Site Map Follow Verizon linkedin facebook-official twitter you-tube instagram TikTok Privacy Policy California Privacy Notice Health Privacy Notice Your Privacy Choices Website Terms of Use Accessibility Open Internet Important Consumer Information Site Map © 2026 Verizon
    💬 Team Notes
    Article Info
    Source
    Verizon
    Category
    ◇ Industry News & Leadership
    Published
    Jun 16, 2026
    Archived
    Jun 16, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗