
What misconfigurations did ethical hackers run into the most this year?

“The weakest link is still the person. It’s still the employee,” Kent Ickler tells IT Brew.


Brianna Monsanto is a reporter for IT Brew who covers news about cybersecurity, cloud computing, and strategic IT decisions made at different companies.

Same misconfigurations, different day.

That’s how ethical hackers described misconfigurations they observed in 2025 that still place organizations at risk.

Kent Ickler, senior penetration tester at Black Hills Information Security, told IT Brew that he has been doing penetration testing for years, and while missteps by companies haven’t changed much, they have evolved with the times.

“The weakest link is still the person. It’s still the employee,” Ickler said.

Same old, same old. During a Nov. 18 panel at Live! 360 Tech Con in Orlando, Florida, Onevinn CTO Stefan Schörling said it’s still common to see service accounts added to domain admins, a mistake that can lead to major issues if that account is compromised.

“We even see the main users in domain admins, but [with] service accounts, make sure you get them removed,” he said.
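One way to act on that advice is a recurring audit of who actually sits in Domain Admins. The PowerShell below is an added example, not code from the article or from the speakers quoted in it; it assumes the ActiveDirectory RSAT module is installed, that the caller can read the domain, that the group carries the default English name, and it uses the `svc*` naming prefix and the `svc_backup` account only as constructed placeholders.

```powershell
# Added audit example (not from the article). Assumes the ActiveDirectory
# RSAT module is available and the caller has read access to the domain.
Import-Module ActiveDirectory

function Get-DomainAdminServiceAccounts {
    param(
        # Assumption: default English group name; adjust for localized domains.
        [string]$Group = 'Domain Admins'
    )
    # -Recursive also catches service accounts that reach Domain Admins
    # through nested groups, which a flat membership listing would miss.
    Get-ADGroupMember -Identity $Group -Recursive |
        Where-Object { $_.objectClass -eq 'user' } |
        Get-ADUser -Properties ServicePrincipalName, PasswordNeverExpires,
                               LastLogonDate, Description |
        Where-Object {
            # Heuristics for "this looks like a service account":
            #  - it has a ServicePrincipalName (typical of accounts that run services)
            #  - its password never expires
            #  - it follows a service-account naming convention (placeholder: svc*)
            $_.ServicePrincipalName.Count -gt 0 -or
            $_.PasswordNeverExpires -or
            $_.SamAccountName -like 'svc*'
        } |
        Select-Object SamAccountName, Enabled, PasswordNeverExpires, LastLogonDate,
            @{ Name = 'SPNs'; Expression = { $_.ServicePrincipalName -join ';' } },
            Description
}

# Print the candidates for review. After confirming each one, grant the
# account only the rights the service needs and remove it from the group,
# e.g. (placeholder account name):
# Remove-ADGroupMember -Identity 'Domain Admins' -Members 'svc_backup' -Confirm:$false
Get-DomainAdminServiceAccounts | Format-Table -AutoSize
```

Run it on a schedule and diff the output against the previous run so that a service account reappearing in the group is noticed rather than discovered during the next engagement.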

Jordan Drysdale, also a senior penetration tester at Black Hills Information Security, told IT Brew that infostealers, social engineering, and poorly maintained web applications are the common thread in what he sees.

“That is how adversaries are winning these days,” Drysdale said. “They’re calling the help desk and asking for password and MFA resets. They’re getting credentials scraped off the internet, and they’re finding unpatched web apps.”

Don’t forget about AI! IT Brew caught up with Peter Garraghan, founder and chief science officer at AI red teaming and security company Mindgard, to discuss misconfigurations that show up in AI systems.

Garraghan said he sees two different types of common problems: First, companies are rushing to deploy AI projects, forgoing established controls and securely built systems in the process. Second, LLMs and agents supported by transformer architecture can be leveraged by malicious actors to gain unauthorized access to environment variables and internal system data.

“It can’t tell the difference between data and commands,” Garraghan said about AI agents. “It’s how it’s built fundamentally…which means it’s very easy to hide instructions into things.”

Drysdale recalled working with a large global corporation that challenged Black Hills to compromise its cloud environment. After receiving a corporate laptop, his team was able to find the company’s internal AI, which he said had been fed the entire internal knowledge base and could answer questions, but could also be used for nefarious purposes.

“The LLM was so promiscuous to us,” Drysdale said. “It answered questions faithfully and accurately and sent us links to documents.”

What do we make of all of this? How should organizations tighten up their defenses in 2026? The advice is pretty standard. Ickler recommends companies ensure users are following security protocols. It’s one thing to buy a password manager and another to make sure employees are actually using it, and not relying on potentially risky behaviors that reduce friction in their workflow, he added.

“You can buy the software and then never really push to use it,” Ickler said. “You also have to have someone in your organization that says ‘We’re going to help our users use it right.’”