<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Exploit Intelligence on FIR Risk Advisory | Risk Intelligence. Engineered.</title><link>https://firrisk.ai/tags/exploit-intelligence/</link><description>Recent content in Exploit Intelligence on FIR Risk Advisory | Risk Intelligence. Engineered.</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Wed, 15 Jul 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://firrisk.ai/tags/exploit-intelligence/index.xml" rel="self" type="application/rss+xml"/><item><title>INTEL-30: The Pre-Disclosure Window</title><link>https://firrisk.ai/intel/intel-30-the-pre-disclosure-window/</link><pubDate>Wed, 15 Jul 2026 00:00:00 +0000</pubDate><guid>https://firrisk.ai/intel/intel-30-the-pre-disclosure-window/</guid><description>&lt;h2 id="the-intel" class="heading "&gt;The INTEL&lt;a href="#the-intel" aria-labelledby="the-intel"&gt;








&lt;!-- &lt;i class="fas fa-link anchor"&gt;&lt;/i&gt; --&gt;
 &lt;svg class="svg-inline--fa fas fa-link anchor" fill="currentColor" aria-hidden="true" role="img" viewBox="0 0 576 512"&gt;&lt;use href="#fas-link"&gt;&lt;/use&gt;&lt;/svg&gt;&amp;nbsp;
 &lt;/a&gt;
&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;Nearly three in ten actively-exploited vulnerabilities in 2025 were being weaponized on or before the day they were disclosed. For those, &amp;ldquo;patch faster&amp;rdquo; was never an option — exploitation arrived before the fix existed. Stop planning your vulnerability program around a reaction window that, for the vulnerabilities that matter most, no longer exists.&lt;/strong&gt;&lt;/p&gt;
&lt;p&gt;VulnCheck&amp;rsquo;s 2026 Exploit Intelligence Report puts a hard number on the fear defenders couldn&amp;rsquo;t previously quantify: &lt;strong&gt;28.96% of the vulnerabilities added to CISA&amp;rsquo;s Known Exploited Vulnerabilities (KEV) catalog in 2025 were exploited on or before the day their CVE was published&lt;/strong&gt; — up from 23.6% the year before. The 2026 Verizon DBIR, working from a completely separate dataset, put the same figure at &lt;strong&gt;29%&lt;/strong&gt;. Two independent sources, the same fraction — which is exactly the kind of agreement worth trusting.&lt;/p&gt;</description></item><item><title>E91 - The Window Closed</title><link>https://firrisk.ai/tuesday/e91-the-window-closed/</link><pubDate>Tue, 14 Jul 2026 00:00:00 +0000</pubDate><guid>https://firrisk.ai/tuesday/e91-the-window-closed/</guid><description>&lt;h2 id="one-report-is-a-claim-three-is-a-pattern" class="heading "&gt;One report is a claim. Three is a pattern.&lt;a href="#one-report-is-a-claim-three-is-a-pattern" aria-labelledby="one-report-is-a-claim-three-is-a-pattern"&gt;








&lt;!-- &lt;i class="fas fa-link anchor"&gt;&lt;/i&gt; --&gt;
 &lt;svg class="svg-inline--fa fas fa-link anchor" fill="currentColor" aria-hidden="true" role="img" viewBox="0 0 576 512"&gt;&lt;use href="#fas-link"&gt;&lt;/use&gt;&lt;/svg&gt;&amp;nbsp;
 &lt;/a&gt;
&lt;/h2&gt;
&lt;p&gt;Any single vendor threat report is easy to discount. The company publishing it sells the cure for the disease it diagnoses, and it has every reason to make the disease sound terminal. We read them anyway — carefully, and against each other — because when reports that share nothing but a publication quarter start telling the same story from opposite ends of the industry, the story stops being marketing and starts being signal.&lt;/p&gt;</description></item></channel></rss>