In the first quarter of 2025, 159 CVE identifiers were noted, which were used in the wild, which compared to 151 in the 4th quarter of 2024.
“We still see how vulnerabilities are used at a rapid pace when 28.3% vulnerabilities are used during the 1st day disclosure CV report Share with Hacker News.
This means 45 security deficiencies that were armed in real attacks during the disclosure day. Fourteen other disadvantages were used within a month, and 45 more disadvantages were abused during the year.
Cybersecurity company said most of the exploited vulnerabilities were identified in content control systems (CMSE), followed by networking devices, operating systems, open source software and server software.
The assembly is –
- Content control systems (CMS) (35)
- DEPTS Network Edge (29)
- Operating systems (24)
- Open source software (14)
- Server software (14)
The leading suppliers and their products that are operated during the time period are Microsoft Windows (15), Broadcom VMware (6), Cyber PowerPanel (5), Litespeed Technologies (4) and Totolink Routers (4).
“On average, 11.4 Que were disclosed weekly and 53 a month,” Volnchek said. “While Cisa Kev added 80 vulnerabilities for the quarter, only 12 did not show previous public evidence of exploitation.”
Of the 159 vulnerabilities, 25.8% expect or undergo a NIST (NVD) national vulnerability analysis and 3.1% were assigned a new “deferred” status.
According to the recently released verizon Report on Data Investigation In 2025, the operation of vulnerabilities as an initial access stage for data violation increased by 34%, which is 20% of all penetration.
The data collected by Google Mandiant also showed that the feats were the most commonly observed vector of the fifth -year infection, with stolen credentials overtake phishing as the second most commonly observed with the initial vector.
“For penetration in which the initial vector of infection was discovered, 33% began with the operation of vulnerability,” Mandiant – Note. “This is a decrease since 2023, during which the exploits represented the original vector for 38% penetration, but almost identical to the feats in 2022, 32%.”
Given this, despite the efforts of the attackers to evade detection, the defenders continue to better determine the compromises.
Global Medium Matty Time that refers to the number of days when the attacker is on the system from compromise to detection, was tied up to 11 days while Increase one day since 2023.
