Hackers are increasingly using AI to detect software vulnerabilities, which has shortened the time that targets have to respond to threats, Verizon said in an annual report tracking data breaches.

Verizon said using software flaws in data surpassed stolen credentials for the first time. It said in a review of more than 31,000 incidents, 31% of all breaches started with vulnerability exploitation, adding “AI is fundamentally reshaping the ‌cybersecurity industry.”

The annual ⁠report that ⁠reviews a wide range of industry data shows intruders are using generative artificial intelligence to help at all stages of attacks “including targeting, initial access, and development of malware and other tools.”

AI was being used by threat actors “to accelerate the time to exploit known vulnerabilities, shrinking the window for defense from months to mere hours,” the report said.

The Verizon report also found that the use of Shadow AI – or non-authorized AI – is now the third most common non-malicious insider action ⁠in data ‌loss incidents. Employees are submitting source code, by images and other types of structured data.

This is the latest in a series of reports detailing the rise ⁠of AI in cyber incidents. CrowdStrike said in its annual global threat report earlier this year that in 2025, “AI-enabled adversaries increased attacks by 89% year-over-year…It elevated less sophisticated threat actors and amplified the most advanced ones.”

Verizon said AI’s primary impact “is currently operational: automating and scaling techniques defenders already know how to detect, not yet unlocking these novel or rare attack surfaces.” But it added that assessment might be obsolete as AI continues to advance rapidly.

The report does not cover data from Mythos, a new AI ‌model that has raised widespread cybersecurity concerns.

Mythos, announced on April 7, is being deployed as part of Anthropic’s “Project Glasswing,” a controlled initiative under which select organizations, including Verizon, are permitted to use the ⁠unreleased Claude Mythos Preview model for defensive cybersecurity purposes.

Mythos’ skill in coding at a high level has given it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them, according to experts.

Verizon chief information security officer Nasrin Rezai said it was critical to address the growing threats.

“We need to fight AI with AI. We need to incorporate them into our practices,” Rezai told Reuters. “We need to bring them into our software development life cycle, in our testing processes, in our cyber defense processes at a scale that we have never done before.”

(Reporting by David Shepardson; Editing by Bernadette Baum and Hugh Lawson)

Join the community of 2M+ industry professionals.

Subscribe to Newsletter to get latest insights & analysis in your inbox.

All about ETCISO industry right on your smartphone!