Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.

The vulnerability threat intelligence firm’s research reinforces a slew of recent reports warning about increased exploits in 2024.

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…

Verizon’s 2025 Data Breach Investigations Report noted a 37% increase in ransomware attacks and a 34% increase in exploited vulnerabilities.

Infostealers fueled the staying power of identity-based attacks, increasing 84% on a weekly average last year, according to IBM X-Force.

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia.

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions.

Cisco Talos observed identity-based attacks in 60% of the incidents it responded to last year.