Exploits
Cybersecurity statistics about exploits
Related Topics
Showing 1-12 of 12 results
62.0% of critical vulnerabilities with known exploits had a working exploit available before scanner detection signatures shipped.
Exploits remained the most common initial infection vector for the sixth consecutive year, accounting for 32% of intrusions.
Exploits were observed being weaponised in minutes.
Exploits spiked 433% in Microsoft Office applications. Web browsers and Office applications have emerged as prime targets. Chrome specifically led all products in known attacks.
Exploits spiked 657% in browsers.
Exploits continue to be the most common initial infection vector (33%).
Browser exploits accounted for 9.2% of the CISA KEV exploits.
18.9% of API-related exploits involved legacy APIs, including AJAX backends and URL parameter-based systems.
Supply chain exploits accounted for 1.1% of the CISA KEV exploits.
Kernel exploits accounted for 5.4% of the CISA KEV exploits.
Mobile exploits accounted for 5.9% of the CISA KEV exploits.
Over 50% of exploits in CISA’s Known Exploited Vulnerabilities (KEV) report were API-related in 2024, up from 20% in 2023.