Summary: In 2024, there was a significant increase in reported exploited vulnerabilities, reaching 768 compared to 639 in 2023, indicating a rising trend in exploit activity. Notably, 23.6% of known exploited vulnerabilities were weaponized upon or before their public disclosure. The report emphasizes the importance of proactive risk management as 1% of newly published CVEs were found to be exploited in the wild, with expectations for this figure to rise.
Affected: Organizations using technologies from Apache, Atlassian, Barracuda, Citrix, Cisco, Fortinet, Microsoft, Progress, PaperCut, and Zoho
Keypoints :
- 768 vulnerabilities with CVE identifiers were reported exploited in the wild in 2024, a 20% increase from 2023.
- 23.6% of these were weaponized by the time of their public disclosure, slightly down from 26.8% in the previous year.
- Significant threats stem from 15 major security shortcomings, affecting around 400,000 internet-accessible systems.
- Organizations are urged to enhance their risk management strategies, including better visibility and robust patching practices.
Source: https://thehackernews.com/2025/02/768-cves-exploited-in-2024-reflecting.html
Views: 0