IBM X-Force’s 2026 Threat Intelligence Index reports a 44% increase in exploitation of public-facing applications, a 4x rise in supply chain compromises since 2020, 109 active ransomware and extortion groups, and over 300,000 ChatGPT credentials advertised on dark-web markets. AI has accelerated every stage of the attacker lifecycle—automating vulnerability discovery, reconnaissance, phishing, and payload adaptation—making vulnerability exploitation the top initial access vector and expanding risk to AI platforms. #ChatGPT #Raccoon
Keypoints
- Attacks starting with public-facing application exploitation rose 44% year-over-year.
- Vulnerability exploitation became the leading initial access vector, accounting for 40% of incidents.
- 56% of exploited vulnerabilities required no authentication, exposing wide-open endpoints.
- Over 300,000 ChatGPT credential sets were sold on dark-web markets, harvested by infostealers like Raccoon and Vidar.
- Supply chain compromises nearly quadrupled since 2020, aided by AI coding assistants and leaked builder kits like LockBit and Babuk.
Read More: https://www.toxsec.com/p/ibm-x-force-2026-confirms-ai-supercharged