Verizon’s 2026 DBIR reports that vulnerability exploitation became the leading access vector for breaches in 2025, with unpatched flaws behind 31% of cases and ransomware present in 48% of confirmed breaches. The report also highlights slower remediation, increased third-party exposure, and growing use of AI in attack development and targeting. #Verizon #DBIR #KEV #AI #MSHTA #ChromaDB #DirtyDecrypt
Keypoints
- Vulnerability exploitation was the top breach entry point in 2025.
- Unpatched vulnerabilities caused 31% of confirmed breaches.
- The median full patching time rose to 43 days.
- Ransomware appeared in 48% of confirmed breaches.
- Threat actors are increasingly using gen-AI and third-party exposure to expand attacks.