Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Vulnerability exploitation overtakes credentials as top breach entry path

Target Trend
First reported
Last updated
Happening score
H score 39
1 unique sources, 2 articles

Summary

Hide ▲

Vulnerability exploitation became the top initial access vector for data breaches over the past year, displacing compromised credentials and signaling a major shift in breach entry patterns. The finding matters because it affects how defenders prioritize patching, exposure reduction, and attack-surface management. The latest measurement shows 31% of breaches began this way, up sharply from 20% the year before.

Related Happenings

Healthcare breach trend shifts toward AI-assisted social engineering in 2025

Target Trend
First: 22.05.2026 16:17 Last: 22.05.2026 16:17 Sources 1

About this happening: **Healthcare organizations** faced a sharp rise in **social engineering** and **pretexting** in **2025**, making identity abuse a dominant breach pattern. **Verizon Business’ 2026...

Open Happening

Verizon 2026 DBIR shows vulnerability exploitation as the top breach access trend in 2025

Target Trend
First: 20.05.2026 03:04 Last: 20.05.2026 03:04 Sources 1

About this happening: **Vulnerability exploitation** became the leading breach access vector in **2025**, increasing compromise risk across **31,000 incidents** and **22,000+ confirmed breaches**. **Un...

Open Happening

Storm-1175 high-velocity exploit campaign

Campaign
First: 06.04.2026 19:56 Last: 06.04.2026 19:56 Sources 1

About this happening: **Storm-1175** is running a **high-velocity exploit campaign** that rapidly turns access into **Medusa ransomware** deployment, creating risk of **data exfiltration** and encrypte...

Open Happening

44% Rise in public-facing application exploitation as vulnerability-led incidents dominated 2025

Target Trend
First: 25.02.2026 16:30 Last: 25.02.2026 16:30 Sources 1

About this happening: Attacks against **public-facing applications** jumped **44%**, widening exposure for internet-facing services and increasing intrusion risk. **Vulnerability exploitation** became...

Open Happening

Accelerating pre-disclosure exploitation of known exploited vulnerabilities in 2025

Target Trend
First: 22.01.2026 14:45 Last: 22.01.2026 14:45 Sources 1

About this happening: **Pre-disclosure exploitation** of **known exploited vulnerabilities (KEVs)** accelerated in **2025**, increasing the chance that defenders face attacks before patches and public...

Open Happening

Timeline

  1. 20.05.2026 11:40 2 articles · 7d ago

    Verizon DBIR shifts breach entry trends

    Technical Analysis Update

    Verizon's latest DBIR says vulnerability exploitation became the top initial access vector for data breaches for the first time in nearly two decades, with 31% of breaches over the past year starting that way versus 20% the year before. The report also says only 26% of critical CISA KEV vulnerabilities were fully remediated by organizations in 2025, shadow AI became the third most common non-malicious insider action in Verizon's DLP dataset, and only 23% of third-party organizations fully remediated missing or improperly secured MFA on cloud accounts.

    Show sources
    Open in new tab