Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches

Verizon's 2026 DBIR, based on ~31,000 incidents and 22,000 confirmed breaches, reports AI-driven acceleration of attacks where exploitation of software vulnerabilities (31% of breaches) has overtaken stolen credentials as the top initial access vector; it also highlights increased mobile/social engineering success, LSASS credential dumping, a tripling of shadow AI usage leading to corporate data exposure, a 60% surge in supply-chain breaches (vendor issues now account for 48% of breaches), and a large North Korean identity-fraud campaign involving ~15,000 stolen identities — urging renewed focus on fundamentals like rapid patching, identity management, and security culture.