Threat Snapshot 2 Stolen Access Credentials 6 Tips 7 Ransomware 5 Key Findings 1 1898 280 280 257 176 164 147 99 95 88 Most Vulnerable Products by No. of Vulnerabilities Disclosed in 2024 Linux Linux Kernel Microsoft Experience Manager Adobe Android Apple Windows_10_1507 Google macOS IBM iPadOS Oracle Chrome Oretnom23 GitLab Samsung Android Qualcomm IrfanView 1898 751 669 397 375 277 239 191 179 169 Most Vulnerable Vendors by No. of Vulnerabilities Disclosed in 2024 The most vulnerable product of 2024 was Linux Kernel, with 1898 vulnerabilities disclosed in 2024, compared to only 178 vulnerabilities in 2023, representing a significant rise. This surge occurred after the Linux Kernel Project became a CVE Numbering Authority (CNA) in 2023, granting it the authority to independently issue CVE identifiers to vulnerabilities affecting the Linux Kernel. 20 Previously, the Linux Kernel Project used third-party CNAs and would typically introduce security patches in updates without issuing CVEs for every identified issue. However, after becoming a CNA, the Linux Kernel Project began issuing a CVE not just for security flaws but also for trivial bug fixes (which previously would not get a CVE identifier), resulting in the surge observed in the past year. Analysis of the top vulnerable products is helpful in understanding the attack surface by revealing what products are more prone to exploitation by attackers due to the high number of vulnerabilities they can abuse. However, to get better and focused intelligence it is also important to look at these vulnerabilities from the side of the attacker. The analysis below highlights the vulnerabilities most frequently discussed by threat actors across the various sources analyzed by the LUMINAR Threat Intelligence Team over the past year, including hacking and cybercrime-related forums and dark web marketplaces, alongside other sources like Telegram, social media, commercial feeds, various proprietary sources and more. Vulnerability Intelligence 4 Blurring Boundaries 3 14