Palo Alto Networks Unit 42 released its 2026 Global Incident Response Report based on over 750 major incidents. AI acts as a force multiplier for attackers by compressing the attack lifecycle and enabling faster exfiltration. Identity weaknesses played a role in nearly 90 percent of cases with attackers using stolen credentials to escalate and move laterally. Software supply chain risks now include misuse of SaaS integrations and trusted tools. Nation state actors use stealth tactics like synthetic identities. Most breaches stem from preventable gaps rather than advanced techniques. Multi surface attacks are common with many starting in the browser. Recommendations include better visibility, zero trust, and faster SOC response. The report stresses closing exposure in applications, identity, and third party connections.
Palo Alto Networks Unit 42 released its 2026 Global Incident Response Report based on over 750 major incidents. AI acts as a force multiplier for attackers by compressing the attack lifecycle and enabling faster exfiltration. Identity weaknesses played a role in nearly 90 percent of cases with attackers using stolen credentials to escalate and move laterally. Software supply chain risks now include misuse of SaaS integrations and trusted tools. Nation state actors use stealth tactics like synthetic identities. Most breaches stem from preventable gaps rather than advanced techniques. Multi surface attacks are common with many starting in the browser. Recommendations include better visibility, zero trust, and faster SOC response. The report stresses closing exposure in applications, identity, and third party connections.