Cyble researchers have identified 22 actively exploited vulnerabilities, with some not listed in CISA’s KEV catalog. Multiple vulnerabilities are targeted by ransomware groups and threat actors, emphasizing the need for prioritized patching and risk management. #CVE2025-26399 #MedusaLocker
Keypoints
- Cyble reports 22 vulnerabilities under active attack, with nine not in the KEV catalog.
- 12 vulnerabilities were detected by honeypot sensors, indicating ongoing attack attempts.
- Ten vulnerabilities are exploited by ransomware groups, with nine listed in KEV.
- A new SolarWinds CVE (CVE-2025-26399) is believed to attract threat actors, as it bypasses previous patches.
- Organizations are advised to prioritize patching these vulnerabilities as part of their cybersecurity defenses.
Read More: https://thecyberexpress.com/vulnerabilities-under-attack/