- The Turing Test has a problem - and OpenAI's GPT-4.5 just exposed it
- This Android smartwatch undercuts what Samsung and Google offer - and it's better in ways
- Gemini Pro 2.5 is a stunningly capable coding assistant - and a big threat to ChatGPT
- This smart planter uses NASA tech to harvest vegetables at home - my buying advice after 45 days
- Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses
Misconfigurations drive 80% of security exposures

A report from XM Cyber analyzes more than 40 million exposures in order to provide a thorough understanding of the current exposure landscape. The report found that 80% of exposures are caused by identity and credential misconfigurations. Out of these exposures, one-third of them put critical assets at risk of a breach.
According to the report, a majority of the exposure is within an organization’s active directory, a critical component for connecting users to network resources. However, it is also a target for malicious actors seeking access and elevated privileges. Misconfigurations and credential attacks are the top exposures, creating blind spots that conventional security tools can often miss. This includes issues with resetting login information or managing members. Furthermore, inadequate endpoint hygiene is an issue in many environments with cached credentials or lacking EDR coverage on more than 25% of devices. This provides malicious actors with initial entry points.
Cloud environments are also at risk of exposure. The report found that 56% of exposures that impact critical assets are within cloud platforms. Malicious actors can travel between on-premises systems and cloud environments with relative ease, thus compromising critical cloud assets.