A recent VulnCheck report has revealed a disturbing trend in the cybersecurity landscape: nearly 30% of known exploited vulnerabilities (KEVs) were targeted before or on the day of public disclosure in 2025. This marks a significant rise from 23.6% in 2024, indicating that cyber attackers are exploiting vulnerabilities faster than ever before.
The report, titled State of Exploitation 2026, highlights a sharp increase in zero-day and one-day exploits, where attackers capitalize on vulnerabilities before they are publicly acknowledged or patched. While some of these vulnerabilities were disclosed in public advisories before being exploited, the increase in these rapid attacks emphasizes the growing urgency for better vulnerability management and faster patching.
VulnCheck identified 884 new vulnerabilities exploited for the first time in 2025, marking a 15% increase over the previous year. The report shows that the most commonly targeted technologies included network edge devices such as firewalls, VPNs, and proxies, followed by content management systems (CMS) and open-source software.
The analysis also reveals that operating systems (OS) were heavily impacted by these rapid exploitations, with almost half of the KEVs related to OS being exploited before or immediately after public disclosure. The report stresses that the speed at which vulnerabilities are being exploited requires a more agile response from organizations, with an emphasis on comprehensive patch management and vulnerability monitoring.
Ransomware attribution continues to lag behind the initial exploitation of vulnerabilities, indicating that more research is needed to track and attribute these attacks fully. As these trends continue, cybersecurity experts urge organizations to enhance their defenses by adopting proactive security measures, such as improved multi-factor authentication (MFA) and constant monitoring of software and hardware for vulnerabilities.
In conclusion, the rise of zero-day exploits and rapid vulnerability exploitation reflects an escalating cybersecurity threat. With attackers moving faster than ever, organizations must evolve their security strategies to address the growing risks associated with unpatched vulnerabilities.
