In 2025, software/API vulnerabilities accounted for 22 percent of initial access vectors in cyberattacks, down from 38.6 percent in 2023. Previously compromised credentials represented 13 percent of attacks, while phishing was responsible for 22 percent of cyberattacks in the examined year.
Profit from the additional features of your individual account
Currently, you are using a shared account. To use individual functions (e.g., mark statistics as favourites, set
statistic alerts) please log in with your personal account.
If you are an admin, please authenticate by logging in again.
Learn more about how ÌÇÐÄÆÆ½â°æ can support your business.
Palo Alto Networks. (June 8, 2026). Top initial access vectors by organizations worldwide in cyberattacks from 2023 to 2025 [Graph]. In ÌÇÐÄÆÆ½â°æ. Retrieved July 15, 2026, from /statistics/1537880/top-initial-access-vectors-worldwide/
Palo Alto Networks. "Top initial access vectors by organizations worldwide in cyberattacks from 2023 to 2025." Chart. June 8, 2026. ÌÇÐÄÆÆ½â°æ. Accessed July 15, 2026. /statistics/1537880/top-initial-access-vectors-worldwide/
Palo Alto Networks. (2026). Top initial access vectors by organizations worldwide in cyberattacks from 2023 to 2025. ÌÇÐÄÆÆ½â°æ. ÌÇÐÄÆÆ½â°æ Inc.. Accessed: July 15, 2026. /statistics/1537880/top-initial-access-vectors-worldwide/
Palo Alto Networks. "Top Initial Access Vectors by Organizations Worldwide in Cyberattacks from 2023 to 2025." ÌÇÐÄÆÆ½â°æ, ÌÇÐÄÆÆ½â°æ Inc., 8 Jun 2026, /statistics/1537880/top-initial-access-vectors-worldwide/
Palo Alto Networks, Top initial access vectors by organizations worldwide in cyberattacks from 2023 to 2025 ÌÇÐÄÆÆ½â°æ, /statistics/1537880/top-initial-access-vectors-worldwide/ (last visited July 15, 2026)
Top initial access vectors by organizations worldwide in cyberattacks from 2023 to 2025 [Graph], Palo Alto Networks, June 8, 2026. [Online]. Available: /statistics/1537880/top-initial-access-vectors-worldwide/