Monday , July 13 2026

159 CVEs Exploited in Q1 2025 : 28.3% Within 24 Hours of Disclosure

In Q1 2025, VulnCheck identified evidence of 159 CVEs publicly disclosed for the first time as exploited in the wild. The disclosure of known exploited vulnerabilities was from 50 different sources.

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

“We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure,” VulnCheck said.

In total, 45 security flaws were used in real-world attacks within a day of being disclosed. Additionally, 14 flaws were exploited within a month, and another 45 were abused within a year.

The cybersecurity company reported that most exploited vulnerabilities are found in content management systems (CMSes), followed by network edge devices, operating systems, open-source software, and server software.

The breakdown is as follows:

Content Management Systems (CMS) (35)
Network Edge Devices (29)
Operating Systems (24)
Open Source Software (14)
Server Software (14)

The main vendors and their exploited products during this period are Microsoft Windows (15), Broadcom VMware (6), Cyber PowerPanel (5), Litespeed Technologies (4), and TOTOLINK Routers (4).

“On average, 11.4 KEVs were disclosed weekly, and 53 per month,” VulnCheck said. “While CISA KEV added 80 vulnerabilities during the quarter, only 12 showed no prior public evidence of exploitation.”

Of the 159 vulnerabilities, 25.8% are being reviewed by the NIST National Vulnerability Database (NVD) and 3.1% have the new “Deferred” status.

Verizon’s 2025 Data Breach Investigations Report reveals that the use of vulnerabilities for initial access in data breaches increased by 34%, now representing 20% of all intrusions.

Data from Google-owned Mandiant shows that for the fifth year in a row, exploits were the most common initial infection method. Stolen credentials have now surpassed phishing as the second most common access method.

“For intrusions in which an initial infection vector was identified, 33% began with exploitation of a vulnerability,” Mandiant said. “This is a decline from 2023, during which exploits represented the initial intrusion vector for 38% of intrusions, but nearly identical to the share of exploits in 2022, 32%.”

That said, despite attackers’ efforts to evade detection, defenders are continuing to get better at identifying compromises.

The global median dwell time, which indicates how long an attacker remains undetected in a system, is now 11 days, up by one day from 2023.

Check Also

Tenda

CERT/CC Alerts to Hidden Admin Backdoor in Tenda Router Firmware

Several Tenda firmware versions have a hidden backdoor that lets people gain admin access to …