
"CISA maintains its Known Exploited Vulnerability (KEV) catalog and populates it on a near-daily basis with details about the vulnerabilities attackers are exploiting to successfully gain access to victims' networks. The purpose of the catalog is to identify the most serious vulnerabilities at any given time, and inform defenders, especially those working for federal agencies, about which bugs should be prioritized."
"One of the features of the catalog is that it indicates whether or not CISA is aware of a given vulnerability being used by those carrying out ransomware attacks. Generally seen as the most damaging, infosec pros tend to prioritize the security flaws that could lead to stolen and encrypted files. Previous research has shown that these vulnerabilities are patched 2.5 times faster than those that aren't associated with ransomware attacks."
CISA updated its Known Exploited Vulnerability (KEV) catalog 59 times in 2025 to mark vulnerabilities as used by ransomware operators without issuing alerts to defenders. The KEV catalog is populated near-daily with vulnerabilities attackers exploit to gain network access and is intended to identify the most serious flaws and guide prioritization, especially for federal agencies. CISA's 'known ransomware use' indicator sometimes flips from 'Unknown' to 'Known' only after entries are published, and the agency does not notify technicians when that indicator changes. Ransomware-associated vulnerabilities are patched about 2.5 times faster than other flaws, prompting researchers to count missed remediation opportunities.
Read at The Register
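Because the indicator can change without notice, a defender can detect the flips locally by diffing two saved copies of the KEV JSON feed. The sketch below is an added example, not code from CISA or The Register; it assumes you store periodic snapshots of the feed, and the embedded snapshots and CVE IDs are constructed placeholders.

```python
import json

# Constructed sample snapshots using the KEV JSON feed's field names
# (cveID, knownRansomwareCampaignUse); the CVE IDs are placeholders.
OLD_SNAPSHOT = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-0000-0001", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-0000-0002", "knownRansomwareCampaignUse": "Known"},
    {"cveID": "CVE-0000-0003", "knownRansomwareCampaignUse": "Unknown"},
]})
NEW_SNAPSHOT = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-0000-0001", "knownRansomwareCampaignUse": "Known"},
    {"cveID": "CVE-0000-0002", "knownRansomwareCampaignUse": "Known"},
    {"cveID": "CVE-0000-0003", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-0000-0004", "knownRansomwareCampaignUse": "Known"},
]})


def ransomware_index(snapshot_text):
    """Map cveID -> normalized ransomware indicator for one snapshot."""
    catalog = json.loads(snapshot_text)
    return {
        v["cveID"]: v.get("knownRansomwareCampaignUse", "Unknown").strip().lower()
        for v in catalog.get("vulnerabilities", [])
    }


def diff_ransomware_flags(old_text, new_text):
    """Return (flipped, new_known): entries whose flag changed to 'Known'
    after publication, and entries first seen already marked 'Known'."""
    old, new = ransomware_index(old_text), ransomware_index(new_text)
    flipped = sorted(c for c, flag in new.items()
                     if flag == "known" and c in old and old[c] != "known")
    new_known = sorted(c for c, flag in new.items()
                       if flag == "known" and c not in old)
    return flipped, new_known


if __name__ == "__main__":
    flipped, new_known = diff_ransomware_flags(OLD_SNAPSHOT, NEW_SNAPSHOT)
    for cve in flipped:
        print(f"re-prioritize: {cve} flipped to known ransomware use")
    for cve in new_known:
        print(f"new entry already marked known: {cve}")
```

Feeding the flipped list into the ticketing or patch-scheduling queue closes the gap the summary describes, since those entries would otherwise keep their original priority.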