• Weak access controls, AI confusion, and the interconnection of business continue to expand Threat • More than half (56%) of the 400,000 vulnerabilities IBM X-Force tracked in 2025 required no authentication before exploitation • This is revealed in theX-Force 2025 Threat Intelligence Index • The report also highlights the continuing success of infostealer credential theft, pointing to the discovery of 300,000 ChatGPT credentials on the dark web (almost certainly stolen by infostealers) • Clearly, more effective access control is required at the base • But the entire threat ecosystem is being complicated by the complexity of artificial intelligence, which is being used as a force multiplier by attackers

Article Summaries:

  • Weak access controls, AI confusion, and the interconnection of business continue to expand Threat. More than half (56%) of the 400,000 vulnerabilities IBM X-Force tracked in 2025 required no authentication before exploitation. This is revealed in the X-Force 2025 Threat Intelligence Index. The report also highlights the continuing success of infostealer credential theft, pointing to the discovery of 300,000 ChatGPT credentials on the dark web (almost certainly stolen by infostealers). Clearly, more effective access control is required at the base. But the entire threat ecosystem is being compl

Sources: