Threat and Vulnerabilities Report - October 2025

November 4, 2025

Summary

October, recognized as Cybersecurity Awareness Month, underscored the critical importance of vigilance and patch discipline across industries. Throughout the month, 32 vulnerabilities were added to the CISA Known Exploited Vulnerabilities (KEV) catalog, a clear indication of rising real-world exploitation.

Microsoft topped the list with 8 confirmed exploited CVEs, while Apple, Kentico, Adobe, and Dassault Systèmes each accounted for 2 vulnerabilities, underscoring adversaries' continued focus on core operating environments, enterprise applications, and e-commerce platforms. Beyond major vendors, the KEV additions spanned a diverse range of technologies, including Smartbedded Meteobridge, Samsung, Jenkins, Juniper, Oracle, Mozilla, Linux, Synacor, SKYSEA, Grafana Labs, Rapid7, IGEL, Motex, and others, reinforcing that no segment of the technology supply chain is immune.

Ransomware operations continued to intensify, with Qilin, Akira, and Sinobi driving major incidents across the threat landscape. Key sectors including education, healthcare, and finance remained prime targets, as adversaries weaponized both known and newly surfaced vulnerabilities to infiltrate networks, encrypt systems, exfiltrate data, and disrupt critical services.
