Exploits and vulnerabilities in Q4 2025

Q4 2025 overview of vulnerabilities and exploits: the report presents CVE registration statistics, exploit detection trends for Windows and Linux, top vulnerabilities used in APT campaigns, and the most common C2 frameworks (Sliver, Mythic, Havoc). It calls out actively exploited critical flaws (React2Shell, RediShell, WinRAR and 7-Zip archive traversal, WSUS insecure deserialization, Zerologon, PrintNightmare), documents a surge in Linux exploit attempts, and recommends timely patching, continuous monitoring, and adaptive defenses to mitigate ongoing threats.