CrowdSecJan 30

We’re proud to be included in the VulnCheck State of Exploitation 2026 report and recognized for CrowdSec’s growth as a leading source in first reporting KEVs throughout 2025.

Big thanks to @vulncheck and Patrick Garrity for the recognition, and congrats on the launch of VulnCheck Canary Intelligence.

πŸ‘‰ Read the full article: https://www.vulncheck.com/blog/state-of-exploitation-2026

#threatintelligence #VulnCheck #vulnerability #KEV #cybersecurity @vulncheckai

Anonymous πŸˆοΈπŸΎβ˜•πŸ΅πŸ΄πŸ‡΅πŸ‡Έ Apr 25, 2025
VulnCheck reported that in Q1 2025, 159 vulnerabilities were actively exploited, with attackers leveraging nearly a third within a day of disclosure, highlighting urgent needs for rapid defense against emerging threats. #CyberSecurity #VulnCheck
https://cyberscoop.com/vulncheck-known-exploited-cves-q1-2025/
VulnCheck spotted 159 actively exploited vulnerabilities in first few months of 2025

The vulnerability threat intelligence firm’s research reinforces a slew of recent reports warning about increased exploits in 2024.

CyberScoop
postmodernApr 27, 2024

Does @vulncheck have a way to report that one of their entries in XDB has been deleted from GitHub? Does their XDB code occassionally check the repo URLs to make sure they aren't 404ed?

https://github.com/admi-n/CVE-2024-3400-RCE-copy is definitely 404ed.
#vulncheck #xdb

Mustafa Kaan DemirhanMay 7, 2023
πŸ”“ New #PaperCut RCE exploit bypasses existing detections! Researchers at #VulnCheck discovered a PoC that exploits CVE-2023-27350 without triggering alarms. Stay informed and protect your organization: https://www.bleepingcomputer.com/news/security/new-papercut-rce-exploit-created-that-bypasses-existing-detections/ #Cybersecurity #InfoSec
New PaperCut RCE exploit created that bypasses existing detections

A new proof-of-concept (PoC) exploit for an actively exploited PaperCut vulnerability was released that bypasses all known detection rules.

BleepingComputer
VulnCheckDec 6, 2022

In September, the Moobot botnet was reported to be exploiting CVE-2022-28958 in-the-wild, and the vulnerability was added to the CISA KEV Catalog. But Jake (@albinolobster) on the @vulncheck Initial Access team quickly discovered MooBot hadn't implemented the exploit correctly. Surprisingly, after further analysis, @vulncheck concluded the vulnerability never even existed in the first place. #vulncheck #vulnerabilities #exploits #cisa

Find the full details on the VulnCheck blog:
https://vulncheck.com/blog/moobot-uses-fake-vulnerability

Moobot Uses a Fake Vulnerability - Blog - VulnCheck

An investigation into CVE-2022-28958 finds the vulnerability doesn't actually exist.

VulnCheck