March 10, 2026

IBM X-Force reports 44% surge in exploitation of public-facing applications as supply chain and identity attacks intensify

IBM X-Force’s 2026 threat report found a 44% rise in attacks against public-facing applications in 2025, showing that attackers are increasingly getting in through exposed internet-facing systems instead of relying mainly on stolen credentials. It says this shift is being driven by weak authentication, misconfigurations, insecure code, and software supply-chain weaknesses. Even though credential theft is still a major problem, the report argues that many attackers no longer need to bypass MFA or trick a user first, because so many exposed services can be attacked directly. It also notes that 56% of the vulnerabilities IBM tracked did not require authentication, which makes the attack surface even larger.

The article also says supply-chain and identity attacks are becoming more important and more connected. IBM reports a nearly fourfold increase over five years in major supply-chain or third-party breaches, with attackers targeting platforms like GitHub, GitLab, npm, CI/CD systems, and cloud environments to steal tokens, credentials, and access. It adds that ransomware is becoming more fragmented, with more active groups operating in smaller, less predictable ways, while AI is helping attackers move faster by improving phishing, reconnaissance, and automation. The overall message is simple: most breaches still come from basic weaknesses—poor patching, weak identity controls, and bad configuration—so organizations need stronger identity security, better visibility, and more disciplined vulnerability and exposure management.

Source: https://industrialcyber.co/reports/ibm-x-force-reports-44-surge-in-exploitation-of-public-facing-applications-as-supply-chain-and-identity-attacks-intensify/
