On September 18, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) announced that its Known Exploited Vulnerabilities (KEV) catalog has reached the milestone of covering more than 1,000 vulnerabilities since its launch in November 2021. This may seem like a lot, but with over 25,000 new vulnerabilities released in 2022 alone, it helps organizations to focus on the vulnerabilities that matter the most.
Many organizations are running a plethora of software and internet-facing devices, and vulnerabilities that can be used to exploit them are found every day. Everybody knows they need to patch, but deciding what to patch when, and then finding the time and resources to do it, are significant challenges.
Source: Malwarebytes Labz