Summary: In Q1 2025, 159 CVE identifiers were reported as exploited, with 28.3% of vulnerabilities being targeted within a day of their disclosure. Vulnerabilities predominantly arose in content management systems and network edge devices, while exploits increasingly contributed to data breaches. Despite this, defenders are becoming more adept at detecting breaches, with the median dwell time for attackers increasing to 11 days.
Affected: Various organizations using Microsoft Windows, Broadcom VMware, Cyber PowerPanel, and others.
Keypoints :
- 158 CVE identifiers were flagged as exploited in the first quarter of 2025, a rise from 151 in Q4 2024.
- Content Management Systems and network edge devices were the most affected categories with specific vulnerabilities.
- Exploitation as an initial access method for data breaches rose by 34%, accounting for 20% of all intrusions.
- The global median dwell time for attackers on a system has increased to 11 days.
Source: https://thehackernews.com/2025/04/159-cves-exploited-in-q1-2025-283.html