As reported by The Register, experts are strongly advising security teams to prioritize prompt patching of vulnerabilities, as exploited flaws are now the leading cause of cyber intrusions. Recent figures indicate a significant trend where attackers are rapidly capitalizing on newly disclosed weaknesses.Cisco Talos reported that exploited vulnerabilities were responsible for nearly 40% of all intrusions in the fourth quarter of 2025. This marks the second consecutive quarter where exploits led initial access, with attackers demonstrating remarkable speed in weaponizing flaws like Oracle EBS and React2Shell within hours of their disclosure. For instance, a proof-of-concept exploit for React2Shell circulated online within 30 hours of its public release. Phishing remains a significant threat, ranking second with 32% of access cases, often leading to email account compromises and further internal phishing campaigns targeting organizations.The findings highlight a critical gap between the rapid exploitation of vulnerabilities and the slow patching practices observed in many organizations, with some taking months to address severe flaws. This underscores the need for immediate patching, robust multi-factor authentication, and comprehensive logging. While ransomware incidents have decreased, this may indicate consolidation among cybercriminal groups rather than a reduction in overall threat. The trend emphasizes the ongoing importance of proactive security measures and the risks associated with internet-facing applications.Source: The Register
Patch/Configuration Management, Security Operations, Vulnerability Management
Exploited vulnerabilities drive the most cyber intrusions

Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



