Patch or perish: Vulnerability exploits now dominate intrusions

What good is a fix if you don't use it? Experts are urging security teams to patch promptly as vulnerability exploits now account for the majority of intrusions, according to the latest figures.

Cisco Talos said exploited flaws were behind nearly 40 percent of all intrusions in Q4 2025, and the speed at which attackers were harnessing those weaknesses should serve as a wake-up call for defenders.

This marks the second quarter in a row that exploits led the charge for initial access, but represented a drop from Q3's rate of 62 percent, which was driven largely by widespread ToolShell attacks.

More recently, the team pointed to the Oracle EBS and React2Shell vulnerabilities as examples of two high-profile vectors that continued to fuel the trend, both of which were taken up by attackers within hours of disclosure.

Talos stated in its report: "In both cases, exploitation activity occurred ...