[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWqffVp0Xp7GUrdV_Sz6oUw_fzSsRFcQ92C8ibz2VO8g":3},{"article":4,"iocs":54},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":33,"category":34,"article_tags":38},"26a7eaa6-5b42-4532-8b8f-a309bbe132c3","Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches","verizon-dbir-ai-helped-hackers-exploit-vulnerabilities-in-31-of-recent-breaches-451b50","Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours.","Verizon's 2026 Data Breach Investigations Report analyzed 31,000 incidents and 22,000 breaches across 145 countries, revealing that software vulnerabilities have overtaken stolen credentials as the primary attack vector for the first time in 19 years. Generative AI is enabling attackers to weaponize vulnerabilities within hours instead of months, significantly reducing the defensive window. Additional findings include a 60% surge in supply chain breaches, a North Korean identity fraud campaign using 15,000 stolen identities, and tripled employee use of unapproved shadow AI tools increasing data exfiltration risks.","Verizon DBIR 2026: AI exploited software vulnerabilities in 31% of breaches, compressing exploit timelines from months","Data Breaches Artificial Intelligence SecurityVerizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours. byDeeba AhmedMay 20, 20263 minute read The 19th Verizon Data Breach Investigations Report (DBIR) contains worrying, if not surprising, details about how hackers are coming up with unique ways to compromise corporate networks. For DBIR 2026, Verizon security experts analysed over 31,000 real-world security incidents and 22,000 confirmed breaches across 145 countries. They found that using artificial intelligence (AI) to fast-track malicious activities has been a raging trend throughout the coverage duration of their report’s dataset, which covers incidents from October 2024 to November 2025 and some early trends from 2026. The death of the stolen password It is the first time in DBIR’s 19-year history that researchers found exploiting software vulnerabilities overtaking usage of stolen credentials to become the top-most preferred way hackers gain initial access to a network. Reportedly, this specific technique caused 31% of all breaches. Previously, hackers took months to weaponise a newly discovered software bug, whereas now, through generative AI (GenAI), they can conduct vulnerability research quickly. This means GenAI has shrunk the defensive window down to a few hours. Another crucial finding is that while users are still learning to spot standard email phishing, scammers have moved to mobile phones, with interactive social engineering attacks becoming the norm. Research revealed that using voice calls and text messages boasts a 40% higher success rate compared to traditional email phishing. And, once inside an endpoint system, hackers use OS credential dumping, specifically LSASS memory dumping, to obtain higher permissions. Shadow AI and laptop farms Internal corporate habits are also causing data exfiltration risks, as the report (PDF) states that employee use of unapproved shadow AI tools tripled in a single year- from 15% to 45% of the workforce. Staff regularly upload corporate data and source code into unauthorised external models. At the same time, third-party supply chain breaches surged by 60%, meaning vendor vulnerabilities now account for 48% of all breaches. The dataset highlighted a massive identity fraud campaign attributed to North Korean threat actors involving the use of around 15,000 stolen identities to pass technical interviews and land remote full-stack engineering and marketing jobs. They operated through regional laptop farms run by local accomplices with the intention to send earned money back home to fund state operations. Researchers finally conclude that automated threats are rising since internet traffic from AI bot internet crawlers is increasing by 21% month-over-month. In comparison, human web traffic growth is at 0.3%. As the report concludes, “The threat landscape will keep evolving, but the fundamentals still matter most.” Source: Verizon DBIR Industry Experts on the 2026 Verizon Data Breach Investigations Report Several industry leaders shared their thoughts on the findings with Hackread.com, detailing how corporate security teams must adapt to machine-speed threats. Matthew Hartman, Chief Strategy Officer at Merlin Group, agrees that the traditional timeline for network defense has collapsed completely: “Today’s Verizon DBIR confirms what security teams are already experiencing: AI has compressed the time between vulnerability discovery and exploitation from months to hours. Companies can’t defend against that reality with periodic assessments and siloed tools.” Trey Ford, Chief Strategy and Trust Officer at Bugcrowd, views the landmark data as an economic shift rather than a technical fluke: “The DBIR’s 19-year credential streak ending is not primarily a credential story; it is an economics story. AI is making vulnerability discovery and weaponization so fast and cheap that attackers no longer need a stolen password when a known, unpatched flaw gets them in faster.” Ford emphasizes that “point-in-time testing cannot keep pace with machine-speed exploitation,” and that the rise of shadow AI represents a massive internal coverage gap most enterprises remain blind to. Mika Aalto, Co-Founder and CEO at Hoxhunt, adds that building a resilient internal posture requires blending technical hygiene directly with behavioral changes: “The DBIR’s message this year is refinement, not revolution. AI is accelerating threats, but the organizations that will stay resilient are still the ones executing well on fundamentals: patching, incident response, identity management, and increasingly, security culture.“ Deeba Ahmed Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage. View Posts AICyber AttackCyber CrimeCybersecurityVerizonVerizon DBIRVulnerability Leave a Reply Cancel reply View Comments (0) Related Posts Security Privacy Social Media Technology Facebook will use facial recognition to unlock your account Facebook is known for tracking users even when they log off from the site; the social media giant also… byCarolina Security 5 Proven Cyber Security Certifications That Will Boost Your Salary in 2018 Cybersecurity is one of the few industries where it is possible to legally become a millionaire within a short period of time. byAlex Bennett Read More Security Malware Fileless Remcos RAT Attack Evades Antivirus Using PowerShell Scripts A new wave of attacks uses PowerShell and LNK files to secretly install Remcos RAT, enabling full remote… byDeeba Ahmed Read More Data Breaches Leaks Malware Security 149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online Another day, another trove of login credentials in plain text found online. byDeeba Ahmed","https:\u002F\u002Fhackread.com\u002Fverizon-dbir-ai-hackers-exploit-vulnerabilities-breaches\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fverizon-dbir-ai-hackers-exploit-vulnerabilities-breaches-2.png","2026-05-20T12:32:37+00:00","2026-05-20T14:00:25.161209+00:00",9,[18,21,24,27,29,31],{"name":19,"type":20},"Verizon","vendor",{"name":22,"type":23},"North Korean identity fraud campaign","campaign",{"name":25,"type":26},"Generative AI (GenAI)","technology",{"name":28,"type":26},"LSASS memory dumping",{"name":30,"type":20},"Merlin Group",{"name":32,"type":20},"Bugcrowd","80544778-fabb-4dcd-aa35-17492e5dcf4f",{"id":33,"icon":35,"name":36,"slug":37},null,"Vulnerabilities","vulnerabilities",[39,44,49],{"category":40},{"id":41,"icon":35,"name":42,"slug":43},"2e06f76c-d5b9-4f54-9eef-4d3447b10730","Breaches","breaches",{"category":45},{"id":46,"icon":35,"name":47,"slug":48},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",{"category":50},{"id":51,"icon":35,"name":52,"slug":53},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[]]