Phishing returned as the leading method attackers used to break into organizations in the first quarter of 2026, accounting for over a third of engagements where initial access could be determined, according to Cisco Talos. It is the first quarter phishing has led the category since Q2 2025, when exploitation of public-facing applications took over following widespread attacks against on-premises Microsoft SharePoint servers. That SharePoint exploitation wave, collectively tracked as ToolShell, drove public-facing application exploitation … More
The post Phishing reclaims the top initial access spot, attackers experiment with AI tools appeared first on Help Net Security.