The article highlights a persistent threat landscape where attackers are successfully exploiting known, decade-old vulnerabilities in unpatched systems, such as a specific Hikvision IP camera flaw linked to 67 million UK attack attempts in 2025. Despite a drop in overall ransomware volume, successful compromises rose by 20%, with SMBs being disproportionately targeted in 88% of breaches. The use of AI tools is accelerating these attacks, and organizations are advised to prioritize patching legacy systems, replacing unpatchable hardware, and implementing network segmentation.
Vulnerability Management , Patch/Configuration Management , Threat Intelligence Decade-old vulnerabilities continue to fuel millions of cyberattacks in the UK May 1, 2026 Share By SC Staff Coverage from Tech Radar indicates that organizations across the United Kingdom are still operating computer systems with security vulnerabilities that were first identified over ten years ago, with cybercriminals actively exploiting these weaknesses. Cybercriminals are leveraging outdated and unpatched systems, with a single vulnerability in Hikvision IP cameras reportedly accounting for 67 million attack attempts in the UK during 2025, according to SonicWall. This highlights a trend where attackers exploit known, ignored weaknesses rather than relying on sophisticated zero-day exploits. Despite a significant drop in overall ransomware volume, the number of successful compromises rose by 20%, indicating attackers are achieving more damage per breach. Smaller organizations are disproportionately affected, with ransomware present in 88% of SMB breaches. The increasing use of AI tools is also accelerating attacks, with AI-enabled attacks rising by 89% due to bots scanning networks at an unprecedented scale. To combat this, organizations are advised to inventory and patch old devices, replace unpatchable hardware, implement network segmentation, and regularly test firewalls. Source: Tech Radar SC Staff Related Vulnerability Management Hackers exploit Qinglong vulnerabilities to deploy cryptominers SC Staff May 1, 2026 The vulnerabilities, identified as CVE-2026-3965 and CVE-2026-4047, affect Qinglong versions 2.20.1 and older. Security Operations Practice by Numbers fixes patient data exposure bug SC Staff May 1, 2026 A patient, Joseph R. Cox, discovered the vulnerability, which allowed any user with portal access to view other patients' documents, including personal information, medical histories, and photo identification. Vulnerability Management Critical cPanel vulnerability actively exploited in the wild SC Staff April 30, 2026 The vulnerability stems from a Carriage Return Line Feed (CRLF) injection flaw within the login and session loading processes of cPanel & WHM. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Backdoor Black Hat Botnet Brute Force Deauthentication Attack Deepfake Defacement Denial of Service Domain Hijacking Drive-by Download You can skip this ad in 5 seconds