Highlights

In analyzing 138 actively exploited vulnerabilities in 2023, Google Mandiant reported Oct. 15 that 70% of them were zero-days, indicating that threat actors are getting much better at identifying vulnerabilities in software.

It’s a worrying trend in and of itself, but what caused even more concern among security analysts was that Google Mandiant also found that the time-to-exploit (TTE) — the time it takes threat actors to exploit a flaw — was down to a mere five days in 2023 compared with 63 days in 2018-19 and 32 days in 2021-22.