Cloud Threats Retrospective 2026: What AI Changed (and What It Didn’t)

**Executive summary:** In 2025 cloud incidents were still driven largely by familiar issues—vulnerabilities, exposed secrets, and misconfigurations (≈80% of initial access)—but systemic dependencies and rapid AI adoption increased scale and impact; security teams should prioritize visibility into exposures, identities, and how risk propagates across cloud, development, and AI systems to detect and disrupt attacker activity early.