Over 700 Exploited Vulnerabilities in 2024: Rising Cybersecurity Risks & Trends

Feb 5, 2025

Summary

A new report from VulnCheck reveals that 768 vulnerabilities were actively exploited for the first time in 2024, marking a 20% increase compared to the previous year. While these vulnerabilities represent just 1% of all published CVEs, the growing trend underscores the persistent security challenges organizations face.

New Data Highlights Exploited Vulnerabilities

The cybersecurity landscape continues to evolve, with VulnCheck's latest report detailing an alarming rise in exploited vulnerabilities. Their analysis, based on 112 unique sources, highlights that nearly 24% of these vulnerabilities were exploited on or before their public disclosure date. This trend, while slightly lower than the 27% recorded in 2023, emphasizes that exploitation occurs at various points in a vulnerability's lifecycle—not just at the zero-day stage.

Key Findings

  • 768 CVEs were exploited for the first time in 2024, up from 639 in 2023.

  • These CVEs account for only 1% of all published vulnerabilities.

  • 23.6% of these vulnerabilities were exploited on or before public disclosure.

  • Monthly reports showed that 30-50 vulnerabilities were discovered as actively exploited each month.

  • A significant spike in reports occurred in January, following The Shadowserver Foundation's inclusion as a data source.

Influence of Industry Events on Exploitation Reports

The data suggests that industry events, threat disclosures, and research collaborations directly impact the number of reported exploited vulnerabilities. Key factors contributing to fluctuations in reported CVEs include:

  • The addition of new security intelligence sources.

  • Government agencies disclosing known exploited threats.

  • Collaborative efforts with organizations like Wordfence, which tracked previously unreported vulnerabilities.

These findings highlight the need for continuous threat intelligence sharing to improve cybersecurity defense mechanisms.

Call for Greater Transparency in Cybersecurity

VulnCheck stresses the importance of public disclosures when organizations detect exploitation activity. Without transparency, security teams and organizations cannot effectively mitigate risks associated with these vulnerabilities.

As cyber threats continue to grow, proactive vulnerability management, timely patching, and real-time monitoring remain crucial for minimizing risk.

Disclaimer: ClearPhish maintains a strict policy of not participating in the theft, distribution, or handling of stolen data or files. The platform does not engage in exfiltration, downloading, hosting, or reposting any illegally obtained information. Any responsibility or legal inquiries regarding the data should be directed solely at the responsible cybercriminals or attackers, as ClearPhish is not involved in these activities. We encourage parties affected by any breach to seek resolution through legal channels directly with the attackers responsible for such incidents.

Latest News

Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information
Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information
Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information
Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information

Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information

Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information

Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information

Hertz Data Breach 2025: Cleo Vulnerability Exposes Sensitive Customer Information

Apr 22, 2025

2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants
2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants
2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants
2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants

2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants

2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants

2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants

2025's Largest Supply Chain Hack: Oracle Cloud Breach Exposes 6M Records Across 140K+ Tenants

Mar 27, 2025

Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted
Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted
Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted
Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted

Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted

Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted

Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted

Elon Musk Claims X Hit by Massive Cyberattack from 'Ukraine Area' – Platform Disrupted

Mar 12, 2025

Bybit Suffers Historic $1.5 Billion Ethereum Heist
Bybit Suffers Historic $1.5 Billion Ethereum Heist
Bybit Suffers Historic $1.5 Billion Ethereum Heist
Bybit Suffers Historic $1.5 Billion Ethereum Heist

Bybit Crypto Exchange Hit by $1.5 Billion Ethereum Hack – Largest Digital Heist in History

Bybit Crypto Exchange Hit by $1.5 Billion Ethereum Hack – Largest Digital Heist in History

Bybit Crypto Exchange Hit by $1.5 Billion Ethereum Hack – Largest Digital Heist in History

Bybit Crypto Exchange Hit by $1.5 Billion Ethereum Hack – Largest Digital Heist in History

Feb 25, 2025

Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals
Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals
Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals
Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals

Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals

Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals

Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals

Harley-Davidson Data Breach: Over 66,700 Customer Records Exposed by Cybercriminals

Feb 12, 2025

Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations
Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations
Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations
Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations

Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations

Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations

Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations

Cybercriminal Claims to Have Stolen Waze User Data, Including GPS Locations

Feb 12, 2025

Get updates in your inbox directly

You are now subscribed.

Get updates in your inbox directly

You are now subscribed.

Get updates in your

inbox directly

You are now subscribed.

Get updates in your inbox directly

You are now subscribed.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.