Rapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025

Reuters03-18

Rapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025

Rapid7 published its 2026 Global Threat Landscape Report, which found that exploited high and critical-severity vulnerabilities more than doubled from 71 in 2024 to 146 in 2025. The report said the median time from vulnerability publication to inclusion in the CISA KEV catalog fell to 5 days from 8.5 days. It also reported that valid accounts with missing or lax multi-factor authentication accounted for 43.9% of incident response investigations in 2025. Ransomware was involved in 42% of Rapid7 MDR incident response investigations, and total ransomware leak posts rose 46.4% to 8,835 in 2025.

Disclaimer: This news brief was created by Public Technologies (PUBT) using generative artificial intelligence. While PUBT strives to provide accurate and timely information, this AI-generated content is for informational purposes only and should not be interpreted as financial, investment, or legal advice. Rapid7 Inc. published the original content used to generate this news brief on March 18, 2026, and is solely responsible for the information contained therein.

At the request of the copyright holder, you need to log in to view this content

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Comments

We need your insight to fill this gap

Leave a comment

{"i18n":{"language":"en_US"},"isChannel":false,"data":{"share":"https://ttm.financial/m/news/2620255235?lang=en_US&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2026-03-18 20:43","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2620255235","market":"nz","top_or_hot":-1,"title":"Rapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025","media":"Reuters","content":"<html xmlns=\"http://www.w3.org/1999/xhtml\" xmlns:newsg2=\"http://iptc.org/std/nar/2006-10-01/\" xmlns:xhtml=\"http://www.w3.org/1999/xhtml\"><head><title>\n      Rapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025\n    </title></head><body><div xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n<p>\n        Rapid7 published its 2026 Global Threat Landscape Report, which found that exploited high and critical-severity vulnerabilities more than doubled from 71 in 2024 to 146 in 2025. The report said the median time from vulnerability publication to inclusion in the CISA KEV catalog fell to 5 days from 8.5 days. It also reported that valid accounts with missing or lax multi-factor authentication accounted for 43.9% of incident response investigations in 2025. Ransomware was involved in 42% of Rapid7 MDR incident response investigations, and total ransomware leak posts rose 46.4% to 8,835 in 2025.\n      </p>\n</div><div xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n<p>\n<i>Disclaimer: <span>This news brief was created by Public Technologies (PUBT) using generative artificial intelligence. While PUBT strives to provide accurate and timely information, this AI-generated content is for informational purposes only and should not be interpreted as financial, investment, or legal advice. Rapid7 Inc. published the original content used to generate this news brief on March 18, 2026, and is solely responsible for the information contained therein.</span></i>\n</p>\n</div></body></html>","source":null,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Rapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nRapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025\n</h2>\n\n<h4 class=\"meta\">\n\n\n<a class=\"head\" href=\"https://laohu8.com/wemedia/1032215980\">\n\n\n<div class=\"h-thumb\" style=\"background-image:url(https://community-static.tradeup.com/news/4567337cbdf294b657b1fa87c5488b48);background-size:cover;\"></div>\n\n<div class=\"h-content\">\n<p class=\"h-name\">Reuters </p>\n<p class=\"h-time\">2026-03-18 20:43</p>\n</div>\n\n</a>\n\n\n</h4>\n\n</header>\n<article>\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xmlns:newsg2=\"http://iptc.org/std/nar/2006-10-01/\" xmlns:xhtml=\"http://www.w3.org/1999/xhtml\"><head><title>\n      Rapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025\n    </title></head><body><div xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n<p>\n        Rapid7 published its 2026 Global Threat Landscape Report, which found that exploited high and critical-severity vulnerabilities more than doubled from 71 in 2024 to 146 in 2025. The report said the median time from vulnerability publication to inclusion in the CISA KEV catalog fell to 5 days from 8.5 days. It also reported that valid accounts with missing or lax multi-factor authentication accounted for 43.9% of incident response investigations in 2025. Ransomware was involved in 42% of Rapid7 MDR incident response investigations, and total ransomware leak posts rose 46.4% to 8,835 in 2025.\n      </p>\n</div><div xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n<p>\n<i>Disclaimer: <span>This news brief was created by Public Technologies (PUBT) using generative artificial intelligence. While PUBT strives to provide accurate and timely information, this AI-generated content is for informational purposes only and should not be interpreted as financial, investment, or legal advice. Rapid7 Inc. published the original content used to generate this news brief on March 18, 2026, and is solely responsible for the information contained therein.</span></i>\n</p>\n</div></body></html>\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"BK4097","symbol_name":"系统软件","start_time":0,"source_url":"https://api.refinitiv.com/data/news/v1/stories/urn:newsml:reuters.com:20260318:nNDL7WyRgc:1","article_id":"2620255235","we_media_id":"1032215980","thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2620255235","pubTimestamp":1773837836,"columns":[],"sourceInfo":null,"weMediaInfo":{"media_name":"Reuters","introduction":"Reuters.com brings you the latest news from around the world, covering breaking news in markets, business, politics, entertainment and technology","home_visible":1,"id":"1032215980","head_image":"https://community-static.tradeup.com/news/4567337cbdf294b657b1fa87c5488b48"},"summary":"Rapid7 published its 2026 Global Threat Landscape Report, which found that exploited high and critical-severity vulnerabilities more than doubled from 71 in 2024 to 146 in 2025. The report said the median time from vulnerability publication to inclusion in the CISA KEV catalog fell to 5 days from 8.5 days. It also reported that valid accounts with missing or lax multi-factor authentication accounted for 43.9% of incident response investigations in 2025. Ransomware was involved in 42% of Rapid7 MDR incident response investigations, and total ransomware leak posts rose 46.4% to 8,835 in 2025.Disclaimer: This news brief was created by Public Technologies  using generative artificial intelligence. While PUBT strives to provide accurate and timely information, this AI-generated content is for informational purposes only and should not be interpreted as financial, investment, or legal advice. Rapid7 Inc. published the original content used to generate this news brief on March 18, 2026, and i","collect":0,"end_time":0,"defaultTopTitle":"","property":[],"viewcount":null,"language":"en","relate_stocks":{"BK4097":"系统软件","RPD":"Rapid7, Inc.","LU1878469433.USD":"THREADNEEDLE (LUX) - AMERICAN SMALLER COMPANIES \"A\" (USD) ACC"},"translate_title":"Rapid7报告显示，2025年被利用的高度和关键漏洞将增加一倍多，达到146个","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"RPD":0.9},"content_text":"Rapid7 report shows exploited high and critical vulnerabilities more than doubled to 146 in 2025\n    \n\n        Rapid7 published its 2026 Global Threat Landscape Report, which found that exploited high and critical-severity vulnerabilities more than doubled from 71 in 2024 to 146 in 2025. The report said the median time from vulnerability publication to inclusion in the CISA KEV catalog fell to 5 days from 8.5 days. It also reported that valid accounts with missing or lax multi-factor authentication accounted for 43.9% of incident response investigations in 2025. Ransomware was involved in 42% of Rapid7 MDR incident response investigations, and total ransomware leak posts rose 46.4% to 8,835 in 2025.\n      \n\n\nDisclaimer: This news brief was created by Public Technologies (PUBT) using generative artificial intelligence. While PUBT strives to provide accurate and timely information, this AI-generated content is for informational purposes only and should not be interpreted as financial, investment, or legal advice. Rapid7 Inc. published the original content used to generate this news brief on March 18, 2026, and is solely responsible for the information contained therein.","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":true,"code":"91000000","status":"200"},"commentList":[],"isCommentEnd":true,"newsSizeData":{"likeSize":0,"commentSize":0,"repostSize":0,"favoriteSize":0,"likeStatus":false,"favoriteStatus":false},"APP":{"userAgent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)","isDev":false,"isTTM":true,"tenantId":"TBGLOBAL","deviceId":"web-server-community-laohu8-v3","version":"4.37.0","shortVersion":"4.37.0","platform":"web","vendor":"web","appName":"ttm","isIOS":false,"isAndroid":false,"isTiger":false,"isTHS":false,"isWeiXin":false,"isWeiXinMini":false,"isWeiBo":false,"isQQ":false,"isBaiduSwan":false,"isBaiduBox":false,"isDingTalk":false,"isToutiao":false,"isOnePlus":false,"isHuaWei":false,"isXiaomi":false,"isXiaomiWebView":false,"isOppo":false,"isVivo":false,"isSamsung":false,"isMobile":false},"href":"/m/news/2620255235","isCrawlerRequest":true}