Exploits grow, and stand again in the center of the cybersecurity panorama. New data from the Kaspersky Exploits and Vulnerabilities report in Q2 2025 reveal that both Windows and Linux users are being the objective of a greater number of attacks compared to 2024. The rebound is accompanied by a global increase in the Vulnerability Registry (CVE), which reflects an increasingly complex environment and difficult to control for companies.

What is an exploit and how it can affect security

An exploit is a type of malware designed to take advantage of operating systems or applications in order to obtain unauthorized access. Kaspersky’s analysis confirms that in the second quarter of 2025 64% of the exploitation attempts were directed against critical vulnerabilities in operating systems, compared to 48% of the previous quarter. Third parties applications concentrate 29% and browsers 7%.

Impact on Linux and Windows

The growth is especially visible in Linux: the proportion of exposed users has exceeded in more than 50 points the figure recorded in the same period of 2024, and in the first quarter it was practically doubled compared to the previous year. Windows also reflects an ascending trend: an increase of 25 points in the first 2025 quarter compared to 2024 and 8 more points in the second quarter.

“Cybercriminals use more and more methods for climbing privileges and take advantage of the weaknesses of digital systems,” says Alexander Kolesnikov, Kaspersky security expert. “As the number of vulnerabilities continues to increase, it is essential to prioritize the patch of which are known and use software capable of mitigating subsequent actions to exploitation.”

Exploits grow, a type of malware designed to take advantage of operating systems or applications in order to obtain unauthorized access

Critical vulnerabilities increasing

CVE.ORG data reinforces this vision: while at the beginning of 2024 about 2,600 CVE per month, in 2025 the figure already exceeds 4,000 per month, with a growing proportion of critical vulnerabilities. This volume raises the possibilities that the attackers find useful failures for advanced campaigns (APT), in which they combine zero day failures with vulnerabilities already paved but still without updating in many organizations.

The magnitude of the increase reflects not only the complexity of modern software, but also the lack of resources to maintain a constant update cycle. This gap between the publication of patches and its effective application in corporate environments opens a risk window that cybercounts systematically take advantage of. In sectors such as banking, telecommunications or health, where the criticality of the data is high, exposure to non -corrected vulnerabilities can lead to gaps with a high economic and reputational impact.

What security measure is recommended to avoid the execution of exploits

Given this panorama, experts advise:

  • Analyze exploits only in safe virtual environments.
  • Maintain continuous infrastructure monitoring, especially perimeter defenses.
  • Apply immediate and automated patches management processes.
  • Incorporate security solutions that include detection, response to incidents, training to employees and constantly updated threat databases.
Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.