In 2023, over 60% of vulnerabilities in network and security appliances were exploited as zero days according to Rapid7, showing a trend of attackers exploiting vulnerabilities before patches are released. This trend has led to a higher frequency of zero-day attacks resulting in mass compromise events. The report highlights a shift towards more orchestrated and sophisticated attacks by single threat actors targeting multiple organizations
Additionally, there has been a significant increase in zero-day attacks targeting network perimeter technologies, with a focus on easily exploitable vulnerabilities like command injections and authentication issues. However, the researchers note regressive practices among software vendors, including delaying advisory releases and providing vague vulnerability details in an attempt to mitigate risks. This evolving landscape underscores the critical need for organizations to implement zero-day patching procedures and strengthen their cybersecurity measures. https://www.infosecurity-magazine.com/news/network-security-flaws-exploited/