An analysis of cybercrime forums reveals what publicly known vulnerabilities attackers are most interested in. Researchers highlight what CVEs are the most frequently mentioned and try to determine where attackers might strike next. ZeroLogon, SMBGhost and BlueKeep were among the most buzzed about vulnerabilities among attackers between Jan. 2020 and March 2021. Microsoft has the dubious distinction of being behind five of the six most popular vulns on the Dark Web, Cognyte found. All the CVEs threat actors are still focused on are old, meaning basic patching and mitigation could have stopped many attacks before they even got started.
Source: https://threatpost.com/top-cves-trending-with-cybercriminals/167889/