Threat groups increasingly exploit older vulnerabilities in edge devices, particularly VPNs and routers, according to GreyNoise research. Over half of these vulnerabilities, including Black Swan ones, are neglected due to lack of patches and outdated infrastructure, allowing attackers to easily weaponize them. In 2024, 40% of vulnerabilities exploited were from 2020 or earlier, indicating ongoing risks from unaddressed CVEs.
https://www.cybersecuritydive.com/news/threat-groups-exploiting-vulnerabilities/746229/