Andrew Davies
Sustained attentionTopic · Strong evidence

Active Vulnerability Exploitation

Active vulnerability exploitation appears in 1.9% of current coverage, down from 2.4%, across 18 unique stories from 6 sources.

1.9%

share of coverage

Previously 2.4% · -0.5 points

18

unique stories

6

independent sources

4

real-world actions

Movement over time

Share of coverage

Select a point to filter the supporting evidence to that week.

Hover over a line, focus a point, or select a date to inspect its evidence. Drag the handles to zoom.

View the same values as a table
Share of coverage values shown in the interactive chart
DateActive vulnerability exploitation
January 12, 20262.0% · +0.0 points · 1 stories · 1 sources · 0 actions
January 19, 20264.1% · +2.0 points · 2 stories · 2 sources · 1 actions
January 26, 202614.6% · +10.6 points · 6 stories · 3 sources · 0 actions
February 2, 20260.0% · -14.6 points · 0 stories · 0 sources · 0 actions
February 9, 20263.8% · +3.8 points · 2 stories · 1 sources · 0 actions
February 16, 20263.5% · -0.3 points · 2 stories · 2 sources · 0 actions
February 23, 20262.9% · -0.6 points · 2 stories · 2 sources · 0 actions
March 2, 20265.7% · +2.8 points · 4 stories · 4 sources · 0 actions
March 9, 20260.0% · -5.7 points · 0 stories · 0 sources · 0 actions
March 16, 20261.7% · +1.7 points · 1 stories · 1 sources · 0 actions
March 23, 20260.0% · -1.7 points · 0 stories · 0 sources · 0 actions
March 30, 20261.5% · +1.5 points · 1 stories · 1 sources · 0 actions
April 6, 20264.3% · +2.9 points · 3 stories · 3 sources · 0 actions
April 13, 20263.6% · -0.7 points · 3 stories · 3 sources · 0 actions
April 20, 20261.4% · -2.2 points · 1 stories · 1 sources · 0 actions
April 27, 20261.5% · +0.1 points · 2 stories · 2 sources · 1 actions
May 4, 20260.9% · -0.6 points · 2 stories · 2 sources · 0 actions
May 11, 20263.7% · +2.8 points · 10 stories · 6 sources · 2 actions
May 18, 20261.9% · -1.8 points · 5 stories · 2 sources · 1 actions
May 25, 20261.6% · -0.3 points · 4 stories · 2 sources · 0 actions
June 1, 20262.4% · +0.8 points · 6 stories · 3 sources · 2 actions
June 8, 20263.5% · +1.1 points · 9 stories · 3 sources · 3 actions
June 15, 20261.2% · -2.3 points · 3 stories · 2 sources · 0 actions
June 22, 20262.3% · +1.1 points · 6 stories · 4 sources · 2 actions
June 29, 20262.5% · +0.1 points · 6 stories · 2 sources · 1 actions
July 6, 20261.9% · -0.6 points · 5 stories · 4 sources · 0 actions
July 13, 20261.0% · -0.9 points · 1 stories · 1 sources · 1 actions
View actions shown on the chart
Awards, trials, funding, deployments, and policy changes annotated on the chart
DateSignalWhat happenedAction type
July 13, 2026Active vulnerability exploitationBuying activityBuying activity
July 1, 2026Active vulnerability exploitationEntering useEntering use
June 25, 2026Active vulnerability exploitationEntering useEntering use
June 25, 2026Active vulnerability exploitationBeing testedBeing tested

Why now

Active vulnerability exploitation appears in 1.9% of current coverage, down from 2.4%, across 18 unique stories from 6 sources.

Why it matters

This can change the threat picture, defensive priorities, compliance burden, and security investment.

What to watch

Watch for named buyers, funding, contracts, trials, deployments, policy changes, and repeated independent reporting tied to Active vulnerability exploitation.

Evidence

Important announcements and sources

  1. Jul 13, 2026ShareFile Emergency Shutdown ⚠️, Injective npm Key Theft 🪙, NSA Revives TAO Name 🏢TLDR InfoSecProgress Software ordered ShareFile customers to shut down Windows-based Storage Zone Controllers after detecting a credible external threat TLDR INFORMATION SECURITY 2026-07-13 HOW ARE AWS, SNOWFLAKE, AND THE NFL SECURING ENTERPRISE AI? (SPONSOR) AI adoption is accelerating and security teams need practical strategies to keep pace. Join hundreds of security, data, and AI leaders and practitioners for two days of r
  2. Jul 11, 2026(Urgent) Progress ShareFile Warning, OpenClaw Exploit Chain, Laser Password Reset AttackThe Hacker News
  3. Jul 10, 2026npm 12 Reduces Supply Chain Risk ⛓️, 130 Exploits Published 👿, Linux Distro Sabotage 💣TLDR InfoSecGitHub released npm 12 with install scripts, git dependencies, and remote URL installs turned off by default, forcing explicit approval TLDR INFORMATION SECURITY 2026-07-10 DEFENDING AGAINST THE NEXT GENERATION OF AGENTIC AI ATTACKS. (SPONSOR) Can your architecture defend against attacks that are autonomous, adaptive, and faster than anything you've seen before? Frontier AI models are compressing the attack
  4. Jul 10, 2026July 10 - Microsoft Reins in RoguePlanet Zero-Day ThreatDark ReadingDark Reading Newsletter July 10, 2026: Sneak peek into the newsletter: Ransomware Ecosystem Grows, But ‘Four-Headed Monster’ Dominates
  5. Jul 9, 2026AppSecClint GiblerAppSec Exploitarium: Mass Disclosure of Zero-Day Proof-of-Concepts Ethan Andrews describes how an anonymous GitHub researcher named "bikini" published Exploitarium, an archive of over 130 proof-of-concept exploits and vulnerability write-ups dropped without informing vendors, covering targets like libssh2, Gitea, 7-Zip, Docker, OpenVPN Connect, VLC, and nmap. 💡 As more people gain the ability to find serious vulnerabilities, we might see more drops like this 😅 Important to speed up triage and patching for…