Verizon has unveiled its 2025 Data Breach Investigations Report (DBIR), which revealed a dramatic increase in cyberattacks.
The report showed that third-party breaches have doubled to 30%. Also, exploitation of vulnerabilities has increased by 34%. This creates a serious threat for businesses worldwide.
The latest report shows a steep rise in zero-day exploits and ransomware—bad news for the cybersecurity landscape. Human error, weak credentials, and the abuse of GenAI continues to be major vulnerabilities. Unfortunately, bad actors only grow more cunning.
The report analyzed over 22,000 security incidents, including 12,195 confirmed data breaches. It discovered that credential abuse (22%) and the exploitation of vulnerabilities (20%) remain the leading initial attack vectors, shining a light on the dire need for better security measures.
Last year, bad actors and nation-state threat groups took advantage of vulnerabilities. They launched ransomware attacks aggressively, hitting more victims and quickly outsmarting defenses.
The rate of ransomware detected in data breaches leaped 37%, happening in 44% of the 12,195 data breaches reviewed. Researchers noted the presence of ransomware in nearly a third (32%) of data breaches last year.
Other key findings from the report stressed the urgency for entities to address cybersecurity threats. These include:
- The Exploitation of Vulnerabilities: This initial attack vector saw a 34% increase, with a focus on zero-day exploits targeting perimeter devices and VPNs
- Ransomware: Ransomware attacks rose by 37% since last year, and are now present in 44% of breaches, despite a noticeable decrease in the median ransom amount paid
- Human Element: Human involvement in breaches remains high, with a significant overlap between social engineering and credential abuse
Craig Robinson, Research Vice President, Security Services at IDC, said this year’s DBIR report reflects a “mixed bag” of results. “Glass-half-full types can celebrate the rise in the number of victim organizations that did not pay ransoms with 64% not paying vs 50% two years ago.”
On the flip side, he said the “glass-half empty personas” will view the results as saying the companies that don’t have the appropriate IT and cybersecurity maturity—often smaller entities—are paying the price for their size as ransomware was present in a staggering 88% of breaches.
“While there is no magic pill to swallow that will alleviate the pain of cybersecurity attacks, Verizon’s leadership in educating the public on the types of attacker motives, tactics and techniques is a key head start in raising global awareness and cyber readiness,” Robinson added.
A Dangerous Trend Accelerating
Yogita Parulekar, CEO of Invi Grid, said: “We’re watching a dangerous trend accelerate—the surge in exploited vulnerabilities, especially zero-days, isn’t just a blip. It’s the new normal, and it’s going to get worse before it gets better. What’s deeply concerning is that this spike comes at a time when the very agencies we rely on to identify and disclose these vulnerabilities are facing budget cuts and resource constraints. That means more gaps in visibility, more unknowns, and more chances for threat actors to strike.
As a CEO in cybersecurity, Parulekar said she sees the impact this has had on infrastructure, on the exhausted IT teams trying to do more with less, and on the users unknowingly exposed as a result. “When you don’t know what’s lurking out there, defending your environment can feel like fighting in the dark.”
“Now more than ever, we have to double down on fundamentals,” Parulekar adds. “Patch aggressively when updates are available. Don’t assume you’re covered—verify every endpoint. And don’t overlook the basics: make sure MFA is enabled everywhere it can be. It’s not just good practice—it’s protection when everything else might be out of date.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.