Summary
September marked a turbulent month in the cybersecurity landscape, with a sharp rise in zero-day activity and renewed focus on high-impact vulnerabilities across major vendors. A total of 16 vulnerabilities were added to the CISA Known Exploited Vulnerabilities (KEV) catalog, reflecting the continued trend of adversaries rapidly exploiting both newly disclosed and long-standing flaws.
The month’s additions included three vulnerabilities each from Cisco and TP-Link, underscoring the ongoing targeting of networking and infrastructure devices that form the backbone of enterprise and home environments. Other affected vendors included Sudo, Fortra, Libraesva, Google, Adminer, Linux, Android, Sitecore, and Meta Platforms, representing a wide cross-section of technologies spanning software, cloud, and IoT ecosystems.
Notably, 12 of these vulnerabilities were actively exploited as zero-days, emphasizing the accelerating speed at which threat actors weaponize unpatched flaws.
Meanwhile, ransomware activity continued its aggressive momentum, with Qilin, Akira, and IncRansom leading the charge. The education, healthcare, and finance sectors were among the most heavily affected, as adversaries leveraged both known and emerging vulnerabilities to deploy ransomware payloads, exfiltrate data, and disrupt operations.


