Key Takeaways
- 31% of breaches begin with vulnerability exploitation
- AI reduces vulnerability exploitation time from months to hours
- Shadow AI ranks third in insider data loss activity
Artificial intelligence is increasingly being used to identify and exploit software vulnerabilities at a faster pace, according to an annual Verizon Cybersecurity Report. The findings highlight a shift in how breaches begin, with software flaws now surpassing stolen credentials as the most common entry point for attackers.
Software Vulnerabilities Now Lead Initial Breach Activity
The Verizon Cybersecurity Report analyzed more than 31,000 security incidents and found that 31 percent of all breaches began with the exploitation of software vulnerabilities. This marks the first time vulnerability-based attacks have exceeded credential theft as an initial access method.
Verizon noted that artificial intelligence is being used across multiple stages of cyberattacks, including target selection, initial access, and malware development. The report stated that AI is significantly reducing the time needed to identify and exploit known vulnerabilities.
Attackers are now able to compress exploitation timelines from months to just hours, significantly reducing the response window available to security teams. This acceleration increases pressure on organizations to detect and patch vulnerabilities more quickly.
AI-Driven Attacks Expand Across The Cyber Kill Chain
According to the Verizon Cybersecurity Report, generative AI is being integrated into multiple phases of cyber operations. These include scanning for weaknesses, automating exploitation techniques, and supporting the creation of malicious tools.
AI systems are also being used to improve the efficiency of malware development and attack automation. This allows less experienced threat actors to perform more advanced operations, increasing overall attack volume.
The report also identifies a growing trend in what it calls Shadow AI, referring to unauthorized use of artificial intelligence tools within organizations. Shadow AI is now the third most common non-malicious factor in data loss incidents.
Employees have been observed submitting sensitive inputs such as source code and structured data into AI systems without authorization. This creates additional risk exposure through unmonitored data handling channels.
Rising Volume And Speed of AI-Enabled Threats
The Verizon Cybersecurity Report found that AI-enabled adversaries increased attack activity significantly over the past year. The findings suggest that artificial intelligence is amplifying both the scale and sophistication of cyber threats.
The report states that AI is currently most impactful in operational areas, particularly in scaling existing attack methods rather than introducing entirely new techniques. However, it also notes that this assessment may change as AI capabilities continue to advance rapidly.
Security leaders cited in the Verizon Cybersecurity Report emphasize the growing need for defensive systems that can match AI-driven attack speeds. The shift in attack timelines is placing greater emphasis on rapid detection, automated response, and continuous monitoring of vulnerabilities.
The findings underline a structural change in the cybersecurity landscape, where software vulnerability exploitation is becoming faster, more automated, and more widely accessible due to artificial intelligence tools.
