New Verizon Report Reveals the Security Gap Attackers Are Exploiting Most

Verizon’s 2026 Data Breach Investigations Report (DBIR) identifies a critical shift in cybersecurity threats, with vulnerability exploitation overtaking credential abuse as the leading initial access method for attackers. The report, based on 31,000 security incidents and 22,000 confirmed breaches across 145 countries, shows vulnerability exploitation now accounts for 31% of breaches, up from credential abuse at 13%. This trend reflects the growing use of AI by threat actors to accelerate attacks, including phishing, reconnaissance, and malware development. A widening remediation gap is also evident, as only 26% of critical vulnerabilities listed in CISA’s Known Exploited Vulnerabilities catalog were fully addressed in 2025. The median remediation time increased from 32 to 43 days, leaving organizations struggling to keep pace with attackers exploiting unpatched systems. Remote Monitoring and Management (RMM) abuse surged by 240% year-over-year, with threat actors increasingly leveraging trusted tools and infrastructure to bypass defenses. The report highlights third-party risks as a major concern, with 48% of breaches involving external vendors or supply chain weaknesses—a 60% increase from the prior year. Human error remains a significant factor, contributing to 62% of breaches, underscoring the need for stronger security awareness programs. Ransomware continues to dominate, affecting 96% of small and midsize businesses, while distributed denial-of-service (DDoS) attacks are growing in scale and sophistication. Experts warn that these trends demand a reevaluation of cyber risk strategies. Will Baxter, Head of Product at Team Cymru, noted that attackers are exploiting trusted tools and infrastructure, requiring organizations to adopt more proactive security measures. John Watters, CEO of iCOUNTER, emphasized that the rise in third-party breaches should prompt businesses to reassess systemic exposure and vendor security practices. The DBIR underscores that foundational security practices—such as timely vulnerability patching, supply chain monitoring, and employee training—remain critical despite the evolving threat landscape. Organizations must prioritize closing the remediation gap and addressing AI-enabled threats to mitigate the growing risks identified in the report.