IBM's 2026 X-Force Threat Intelligence Index reveals that 56% of the nearly 40,000 vulnerabilities tracked in 2025 required no authentication to exploit — explaining why unauthenticated flaws like the Cisco SD-WAN bypass, the MSHTML zero-day, and the Coruna iOS exploit kit all converged in the same week. Exploitation of public-facing applications surged 44% to become the leading initial access vector. Supply chain compromises nearly quadrupled since 2020. Over 300,000 AI chatbot credentials appeared on dark web marketplaces. Actionable guidance focuses on prioritizing unauthenticated vulnerabilities in patch queues, auditing external attack surfaces, and assessing supply chain exposure across CI/CD and SaaS integrations.

Links & Resources

• https://www.ibm.com/think/x-force/threat-intelligence-index-2026-securing-identities-ai-detection-risk-management
• https://uk.newsroom.ibm.com/ibm-2026-x-force-threat-index
• https://industrialcyber.co/reports/ibm-x-force-reports-44-surge-in-exploitation-of-public-facing-applications-as-supply-chain-and-identity-attacks-intensify/
• https://www.ibm.com/think/insights/more-2026-cyberthreat-trends
• https://www.securityweek.com/recent-cisco-catalyst-sd-wan-vulnerability-now-widely-exploited/
• https://thehackernews.com/2026/03/cisco-confirms-active-exploitation-of.html
• https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit