"Based on multiple 2025 industry reports: roughly 50 to 61 percent of newly disclosed vulnerabilities saw exploit code weaponized within 48 hours. Using the CISA Known Exploited Vulnerabilities Catalog as a reference, hundreds of software flaws are now confirmed as actively targeted within days of public disclosure. Each new announcement now triggers a global race between attackers and defenders. Both sides monitor the same feeds, but one moves at machine speed while the other moves at human speed."
"Major threat actors have fully industrialized their response. The moment a new vulnerability appears in public databases, automated scripts scrape, parse, and assess it for exploitation potential, and now these efforts are getting ever more streamlined through the use of AI. Meanwhile, IT and security teams often enter triage mode, reading advisories, classifying severity, and queuing updates for the next patch cycle. That delay is precisely the gap the adversaries exploit."
"Exploit brokers and affiliate groups operate as supply chains, each specializing in one part of the attack process. They use vulnerability feeds, open-source scanners, and fingerprinting tools to match new CVEs against exposed software targets. Many of these targets have already been identified, and these systems know in advance which targets are most likely to be susceptible to the impending attack."
Roughly half to three-fifths of newly disclosed vulnerabilities see exploit code weaponized within 48 hours of public disclosure. Automated attacker workflows scrape public vulnerability feeds, parse advisories, and assess exploitation potential at machine speed, increasingly augmented by AI. Exploit brokers and affiliates function as supply chains, using scanners and fingerprinting to rapidly match CVEs to exposed targets. Traditional quarterly or monthly patch cadences leave a critical window of exposure that adversaries exploit. IT and security teams often require human triage to classify severity and schedule patches, creating delays that attackers leverage to achieve successful exploitation.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]