Exploits, Risks and 3 Types of Botnets

This article summarizes three reports from VulnCheck and Trend Micro — on vulnerability exploitation, how GenAI affects the exploit ecosystem, and the evolution of botnets. Despite their different focus areas, they all agree on one thing: the number of exploits is rising, their quality is dropping, and attacks are becoming faster and more scalable.

🗡 VulnCheck released a report on vulnerability exploitation over the past year (based on 500+ sources):

🔸 Researchers identified 14,400+ exploit artifacts for 10,480 CVEs (~26% of all identified), yet only a small fraction are used in real attacks (~1%). 🔸 The number of GenAI-generated PoCs is growing — many of which are nonfunctional. 🔸 Nearly half of the vulnerabilities actively exploited are from the same year, and the growth of KEV shows that attackers quickly weaponize new CVEs. 🔸 AI slop is on the rise — a flood of broken or fake exploits cluttering GitHub and degrading threat intelligence quality.

🤖 Trend Micro reported in its study on the risks of unmanaged AI adoption:

🔸 Models make factual and contextual errors (geography, culture, social aspects). 🔸 They generate plausible but inaccurate responses. 🔸 These models struggle to separate relevant from irrelevant information.

🤖 In another report, Trend Micro described the evolution of botnets:

🔸 Researchers identified three types of botnets differing in attack strategy: mass-distribution botnets, targeted