Cybercriminals are using artificial intelligence to spot and exploit software vulnerabilities at machine speed, turning what once took months into attacks that happen in hours. This shift has made vulnerability exploitation the number one entry point for data breaches in 2025, overtaking stolen credentials for the first time.
The warning comes from Verizon’s latest Data Breach Investigations Report, which found that 31% of more than 31,000 security incidents started with attackers exploiting software flaws rather than using stolen passwords. The telecommunications giant’s 19th annual report analyzed incidents across 145 countries, with over 22,000 qualifying as actual data breaches.
The findings highlight a concerning trend where AI is not just changing how businesses operate, but also how criminals attack them. Hackers are using generative AI tools throughout their attack campaigns, from initial targeting and gaining access to developing malware and other malicious tools. However, Verizon notes that AI’s current impact remains primarily operational, automating existing attack methods rather than creating entirely new threat vectors.
The speed advantage AI gives attackers is significant. What previously required weeks or months of manual work to identify and exploit vulnerabilities can now happen in a matter of hours. This acceleration puts enormous pressure on organizations to patch security flaws faster than ever before, often creating an impossible race against time.
The problem extends beyond external threats. Employee adoption of unauthorized AI tools has created a new security challenge that organizations are struggling to manage. Unapproved AI usage at work tripled from 15% to 45% of the workforce, making this “shadow AI” phenomenon the third most common source of non-malicious data leakage.
This unauthorized AI adoption reflects a broader pattern where employees are not waiting for IT department approval before integrating AI tools into their workflows. The rapid proliferation of accessible AI applications makes it easy for workers to experiment with new tools without considering the security implications or data handling policies.
Adding to these concerns, third-party breaches rose 60% to account for nearly half of all incidents. This increase directly correlates with organizations outsourcing more critical functions to external vendors, expanding their attack surface beyond their direct control. When a vendor gets breached, all of their clients potentially become victims.
The scale of AI activity online is also growing at an unprecedented pace. AI bot crawlers are flooding the internet with a 21% month-on-month growth rate, completely dwarfing human-led traffic which remained flat. This explosion of automated activity makes it harder for security systems to distinguish between legitimate and malicious bot behavior.
Despite these escalating threats, Daniel Lawson, SVP of global solutions for Verizon Business, emphasized that traditional security principles remain the best defense. He stated that although cyber threats are accelerating due to AI and rapid vulnerability exploitation, “the foundational principles of security and strong risk management remain the most effective defense.”
The report’s findings underscore the double-edged nature of AI adoption in the enterprise. While organizations rush to implement AI solutions for competitive advantage, they must simultaneously defend against AI-powered attacks and manage the security risks of their own AI tool usage. This creates a complex security landscape where the same technology driving innovation is also empowering cybercriminals.
For businesses, the message is clear: traditional password-based security is no longer sufficient as the primary defense mechanism. Organizations need to prioritize vulnerability management, implement faster patching processes, and establish clear policies around employee AI tool usage while maintaining visibility into third-party vendor security practices.