Forget zero-days – ‘N-days’ could be the most worrying security threat facing your systems today, here’s why

Flashpoint report claims over 80% of exploited flaws are n-days, not zero-days
Average time to exploit dropped from 745 days (2018) to just 44 days (2025)
Attackers focus on firewalls, VPNs, and edge devices; China most active in exploitation campaigns

While zero-day vulnerabilities may sound ominous, it is n-day ones which are driving most cyberattacks, experts have warned.

Security researchers Flashpoint unveiled new research based on entries in CISA’s KEV, as well as in-house data about the average Time to Exploit (TTE).

Firewalls and VPNs first targets

This might sound counter-intuitive, since patched vulnerabilities can be easily fixed by, well, deploying the patch. However, six years ago, the average Time to Exploit (the gap between public disclosure and observed exploitation) was 745 days, meaning defenders had a two-year grace period to patch, before expecting an attack.

Last year, TTE was down to 44 days. That means that cybercriminals are actively monitoring news of newly patched vulnerabilities and are acting fast to exploit them. It is easier to lean onto an already known vulnerability, rather than hunt for one themselves, and if the victims aren’t diligent with patching, they become low-hanging fruit.

firewalls, VPN gateways, and edge devices. They are every attacker’s first choice because they must remain internet-facing, and as such are a logical first step.

Nation-state activity “remains prominent”, Flashpoint added, stressing that China was identified as the most active vendor in vulnerability exploitation campaigns.

The best antivirus for all budgets

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

https://cdn.mos.cms.futurecdn.net/oyKgE5jTrnx6fQA6dwPuCj-2560-80.jpg

Source link

Quordle hints and answers for Saturday, April 4 (game #1531)

NYT Connections hints and answers for Saturday, April 4 (game #1028)

NYT Strands hints and answers for Saturday, April 4 (game #762)

Dell packs full desktop performance into a palm-sized device that’s powered entirely through a single USB-C connection

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

After Gwen Stacy, Disney+’s Spider-Man Show Needs To Introduce These 10 Characters

Apple TV Officially Ends Its Best Sci-Fi Series After 6 Seasons, but There’s a Catch

Add a Cordless Electric Air Duster to Your PC or Car Maintenance Kit for Just $24 (or Less)

When Was Tom Holland & Zendaya’s Wedding? What We Know – Hollywood Life

RCM Technologies earnings beat by $0.13, revenue topped estimates

ICON PLC earnings missed by $0.02, revenue was in line with estimates

Rambus CEO Seraphin Luc sells shares worth $470k

Form 13D/A SOUTHWEST AIRLINES CO For: 3 April

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays