Report by GreyNoise
GreyNoise 2025 Mass Internet Exploitation Report
6 FINDINGSPublished Feb 28, 2025
View Original Report →Key Findings
Attackers are getting quicker at exploiting newly found CVEs, with exploitation observed within hours of disclosure in 2024.
GreyNoiseGreyNoise 2025 Mass Internet Exploitation Report·Feb 28, 2025
A majority of the most exploited vulnerabilities in 2024 targeted home internet routers, including customer-facing fiber modems
GreyNoiseGreyNoise 2025 Mass Internet Exploitation Report·Feb 28, 2025
40% of vulnerabilities exploited in 2024 were from 2020 or earlier.
GreyNoiseGreyNoise 2025 Mass Internet Exploitation Report·Feb 28, 2025
GreyNoise detected the exploitation of 29 vulnerabilities before they were added to CISA’s KEV catalog.
GreyNoiseGreyNoise 2025 Mass Internet Exploitation Report·Feb 28, 2025
10% of vulnerabilities exploited in 2024 were from 2016 or earlier, with some dating back to the late 1990s, such as CVE-1999-0526.
GreyNoiseGreyNoise 2025 Mass Internet Exploitation Report·Feb 28, 2025
28% of the CVEs added to CISA’s KEV catalog were leveraged by ransomware groups.
GreyNoiseGreyNoise 2025 Mass Internet Exploitation Report·Feb 28, 2025