A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 in 2022. One reason for this is the fact that, in 2023, exploitation of zero-day vulnerabilities (unknown to vendors, with no patches available) considerably outpaced the exploitation of n-day flaws (publicly disclosed bugs, with patches available). Another is that n-day exploitation continues to … More
The post Defenders must adapt to shrinking exploitation timelines appeared first on Help Net Security.