'The cloud threat landscape is rapidly shifting': Google research warns hackers are targeting third parties and software flaws to gain entry
techradar.com
- Google report shows attackers shifting to software flaws over weak credentials
- Vulnerabilities now account for 44.5% of cloud breaches, exploited within days
- Third-party SaaS integrations increasingly abused for data theft and access
To break into cloud environments, cybercriminals are relying less on weak credentials and more on third-party software vulnerabilities, new research from Google has found.
The Cloud Threat Horizons Report claims early in 2025 most compromises still relied on weak, or missing credentials. However, in the second half of the year, attackers increasingly started exploiting vulnerabilities in externally managed software.
The shift was quite significant, too. Software vulnerabilities now account for 44.5% of initial access vectors, taking up a bigger share than weak credentials (27.2%) for the first time ever. Misconfigurations now take up 21%, and exposed interfaces 4.9%.
Article continues below
Copyright of this story solely belongs to techradar.com . To see the full text click HERE