Executive Summary
A total of 26 vulnerabilities were added to the Cybersecurity and Infrastructure Security Agency KEV catalog, underscoring real-world exploitation trends. Apple Inc. accounted for the highest number of entries, followed by Google and Microsoft, along with other vendors such as Craft CMS, Ivanti, Broadcom, Qualcomm, Langflow, Laravel, and SolarWinds.
Beyond KEV additions, active exploitation activity was observed across multiple platforms, including vulnerabilities in Apple Inc. products identified by Google and linked to advanced exploit chains such as the Coruna exploit kit. Additionally, Fortinet products were targeted in campaigns attributed to MuddyWater, as disclosed by Ctrl-Alt-Intel Threat Research.
Ransomware activity remained highly active, with groups like Qilin ransomware leading with 131 affected organizations, followed by Akira ransomware (71) and NightSpire ransomware (57). Other prominent actors, including DragonForce ransomware and IncRansom ransomware, also ranked among the top five, highlighting sustained ransomware pressure across sectors.
Subscribe to our Newsletter
