"In July, Microsoft fixed a flaw in its file sharing service SharePoint that was already being exploited by attackers. Later that month, Microsoft warned that hackers were making use of the zero-day to distribute ransomware, adding even more risk to the serious vulnerability. The SharePoint flaw is just one example of attackers becoming faster at exploiting vulnerabilities before they can be properly addressed by vendors and patched by organizations."
"During the first half of 2025, almost one-third (32.1%) of flaws listed in VulnCheck's known exploited vulnerabilities catalog were weaponized either before being detected or within 24 hours of disclosure, according to the vulnerability intelligence provider's latest . This represents an 8.5% increase from 23.6% in 2024. Meanwhile, there has been a 34% increase in attackers exploiting vulnerabilities to gain initial access and cause security breaches over the last year, according to the Verizon 2025 Data Breach Investigations report."
Microsoft patched a SharePoint flaw in July that was already under active exploitation, and later observed the zero-day being used to distribute ransomware. In the first half of 2025, 32.1% of flaws in VulnCheck's known exploited vulnerabilities catalog were weaponized before detection or within 24 hours, up from 23.6% in 2024. Verizon reported a 34% year-over-year increase in attackers leveraging vulnerabilities for initial access. Faster weaponization shortens the available patching window, increases strain on security teams, and reduces prioritization of older vulnerabilities, enabling attackers to persist using established techniques.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]