Report: 1 In 4 Data Breaches Exploit Third-Party Vulnerabilities
tech.co, Wednesday, February 18th, 2026
Plus, AI-powered phishing campaigns represented over 80% of social engineering events in 2025.
Key Takeaways
- One in four breaches today exploits a third-party vulnerability rather than a direct internal attack.
- 30% of cyber intrusions are through the use of valid credentials, often stolen in phishing attacks.
- In 2025, cyber attackers shifted away from 'frequent but contained' events and toward fewer attacks with larger financial impacts.
Supply chain vulnerabilities and AI-powered phishing attacks are the latest trends in cybersecurity, according to a new threat report.