Exploits of public-facing apps are surging. Why?

For years, stolen credentials were king—the hacker’s attack vector of choice. Until now. 

The 2026 IBM X-Force Threat Intelligence Index reveals a surge in the exploitation of public-facing applications, overtaking identity-based attacks as the top initial access vector.  

Why are threat actors changing their tactics so dramatically—and what does it mean for defenders? 

In this episode of Security Intelligence, panelists Claire Nuñez, Chris Caridi and Joe Xatruch break down the biggest findings from the latest Threat Intelligence Index, plus: 

• Infostealers that grab AI agents’ “souls” 
• Compromised packages that drop AI agents as malware 
• The AI infrastructure flaws we can’t seem to fix 
• Why threat intelligence is so siloed—and what we can do about it 

All that and more—on Security Intelligence. 

00:00 - Intro 

1:17 - Threat Intelligence Index 2026  

16:22 - Stealing AI agents’ souls  

28:03 - AI infrastructure flaws  

36:36 - Threat intelligence made human 

The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. 

Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence 

Explore the Threat Intelligence Index 2026 → https://www.ibm.com/reports/threat-intelligence#sipod