Verizon’s 2026 DBIR: Vulnerability Exploitation Dominates Data Breaches as AI Accelerates Attacks
Verizon’s latest Data Breach Investigations Report (DBIR) reveals a sharp rise in cyber threats, with 31,000 security incidents analyzed in 2025 over 22,000 confirmed breaches, nearly double the previous year’s total. The report highlights unpatched vulnerabilities as the leading attack vector, responsible for 31% of breaches, surpassing credential abuse (13%), which previously topped the list.
Threat actors are increasingly leveraging AI to expedite exploitation, shrinking the defense window from months to mere hours. Verizon warns that this rapid weaponization strains security teams, while median patching times have worsened, rising to 43 days in 2025 from 32 days in 2024. Organizations patched only 26% of critical flaws in CISA’s Known Exploited Vulnerabilities (KEV) catalog last year, down from 38% in 2024, with the number of critical vulnerabilities requiring remediation increasing by 50%.
Ransomware remained a dominant threat, involved in 48% of breaches (up from 44%), though median ransom payments fell below $140,000, with only 31% of victims paying. Third-party risks also surged, contributing to 48% of breaches a 60% increase as reliance on external software and services expanded attack surfaces. Only 23% of third-party cloud providers fully remediated missing or misconfigured MFA, with half resolving issues within a month.
AI’s role in cyberattacks is growing, with threat actors using generative AI for targeting, initial access, and malware development. The report notes that attackers employed AI in 15 documented techniques on average, with some leveraging up to 50. Meanwhile, shadow AI unauthorized use of generative AI services remains a concern, as 67% of users access non-corporate AI tools from work devices, and 45% of employees are regular AI users, up from 15% last year.
Human factors persisted as a major weakness, with 62% of breaches involving human error or social engineering, which accounted for 16% of incidents. Mobile phishing attacks saw a 40% higher success rate than email-based campaigns. The findings underscore a critical gap in proactive security, as organizations struggle to address vulnerabilities before exploitation particularly as AI reshapes the threat landscape.
Verizon cybersecurity rating report: https://www.rankiteo.com/company/verizon
"id": "VER1779243969",
"linkid": "verizon",
"type": "Vulnerability",
"date": "1/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'type': 'Organizations across industries'}],
'attack_vector': ['vulnerability_exploitation',
'credential_abuse',
'social_engineering',
'AI-assisted_attacks'],
'date_publicly_disclosed': '2026',
'description': 'Verizon’s latest Data Breach Investigations Report (DBIR) '
'reveals a sharp rise in cyber threats, with 31,000 security '
'incidents analyzed in 2025 over 22,000 confirmed breaches, '
'nearly double the previous year’s total. The report '
'highlights unpatched vulnerabilities as the leading attack '
'vector, responsible for 31% of breaches, surpassing '
'credential abuse (13%). Threat actors are increasingly '
'leveraging AI to expedite exploitation, shrinking the defense '
'window from months to mere hours. Ransomware remained a '
'dominant threat, involved in 48% of breaches, with median '
'ransom payments falling below $140,000. Third-party risks '
'surged, contributing to 48% of breaches, and AI’s role in '
'cyberattacks grew significantly.',
'impact': {'data_compromised': '22,000 confirmed breaches'},
'investigation_status': 'Completed (report published)',
'lessons_learned': 'Unpatched vulnerabilities and slow patching times (median '
'43 days) are major contributors to breaches. AI is '
'accelerating attack timelines, and third-party risks are '
'increasing. Human error and social engineering remain '
'significant weaknesses.',
'post_incident_analysis': {'corrective_actions': ['Improve vulnerability '
'management and patching '
'processes.',
'Strengthen third-party '
'risk assessments and '
'monitoring.',
'Enhance defenses against '
'AI-driven attacks.',
'Increase security '
'awareness training for '
'employees.'],
'root_causes': ['Unpatched vulnerabilities (31% of '
'breaches)',
'Slow patching times (median 43 '
'days)',
'Third-party risks (48% of '
'breaches)',
'AI-assisted attacks (15+ '
'techniques used on average)',
'Human error and social '
'engineering (62% of breaches)']},
'ransomware': {'ransom_paid': '<$140,000 (median)'},
'recommendations': ['Prioritize patching critical vulnerabilities, especially '
'those in CISA’s KEV catalog.',
'Improve third-party risk management, particularly for '
'cloud providers and MFA configurations.',
'Enhance monitoring and response capabilities to counter '
'AI-driven attacks.',
'Address human factors through security awareness '
'training, especially for mobile phishing.',
'Implement proactive security measures to reduce the '
'window of exposure.'],
'references': [{'source': 'Verizon Data Breach Investigations Report (DBIR) '
'2026'}],
'response': {'remediation_measures': 'Patching critical vulnerabilities '
'(median time: 43 days)'},
'title': 'Verizon’s 2026 DBIR: Vulnerability Exploitation Dominates Data '
'Breaches as AI Accelerates Attacks',
'type': ['data_breach', 'ransomware', 'third-party_breach'],
'vulnerability_exploited': 'Unpatched vulnerabilities (31% of breaches)'}