Researchers examine English- and Russian-language underground exploits to track how exploits are advertised and sold. RSA CONFERENCE 2021 – Microsoft products accounted for 47% of the CVEs that cybercriminals request across underground forums, according to researchers who conducted a yearlong study into the exploit market. The research spanned more than 600 English and Russian language forums, said Mayra Rosario Fuentes, senior threat researcher at Trend Micro, who presented some of the findings in her RSA Conference talk "Tales from the Underground: The Vulnerability Weaponization Lifecycle." Researchers sought to learn which exploits were sold and requested, the types of sellers and buyers involved in transactions, and how their findings compared with their detection systems'.