
CISA KEV remediation lag is widening as exploit timelines shrink

Target Trend
H score 39
1 unique sources, 1 articles

Summary


CISA KEV remediation lag is widening across 10,000 organizations, leaving enterprise exposures open longer than attackers need to weaponize them. Critical vulnerabilities still open at Day 7 rose from 56% to 63%, and in a sample of 52 weaponized vulnerabilities, 88% were patched more slowly than they were exploited. The findings point to a growing human ceiling in vulnerability management and suggest defenders are increasingly chasing exposures after adversaries have already moved.

Related Happenings

Verizon 2026 DBIR shows vulnerability exploitation as the top breach access trend in 2025

Target Trend
First: 20.05.2026 03:04 Last: 20.05.2026 03:04 Sources 1

About this happening: **Vulnerability exploitation** became the leading breach access vector in **2025**, increasing compromise risk across **31,000 incidents** and **22,000+ confirmed breaches**. **Un...

cPanel & WHM authentication-bypass exploitation wave (CVE-2026-41940)

Exploitation Wave
First: 04.05.2026 11:25 Last: 04.05.2026 11:25 Sources 1

About this happening: Active exploitation of **CVE-2026-41940** is driving a **large cPanel & WHM compromise wave**, putting exposed servers at risk of administrative takeover. **More than 40,000 serve...

2025 Global cybercrime surge across credentials, ransomware, DDoS, and KEV exploitation

Target Trend
First: 29.04.2026 16:00 Last: 29.04.2026 16:00 Sources 1

About this happening: In **2025**, global cybercrime activity intensified across **compromised credentials**, **ransomware**, **DDoS**, and **KEV exploitation**, raising risk for organizations worldwid...

NIST CVE/NVD prioritization shift

Public Sector Action
First: 17.04.2026 00:47 Last: 17.04.2026 00:47 Sources 1

About this happening: **NIST** is **changing** its **CVE/NVD prioritization** so that, starting **April 15, 2026**, it will provide full details only for a **subset of CVEs**. The shift matters because...

NIST/NVD risk-based CVE enrichment change

Public Sector Action
First: 16.04.2026 15:43 Last: 16.04.2026 15:43 Sources 1

About this happening: **NIST** said the **US National Vulnerability Database (NVD)** will switch to a **risk-based CVE enrichment** model to cope with backlog growth. The change will **drop enrichment...

Timeline

  1. 10.04.2026 17:01 · 2 articles

    Qualys reports widening CISA KEV remediation lag

    Initial Disclosure

    Qualys Threat Research Unit analyzes more than one billion CISA KEV remediation records across 10,000 organizations over four years and reports that human-scale vulnerability remediation is losing ground: critical vulnerabilities still open at Day 7 worsened from 56% to 63%, average Time-to-Exploit reached negative seven days, and 88% of 52 tracked weaponized vulnerabilities were remediated more slowly than they were exploited. The findings also highlight examples such as Spring4Shell and Cisco IOS XE, reinforcing that organizations are spending longer on remediation while exploit timelines continue to shrink.
