nostr:npub1623w6tvcc3ghmsdeh7qgdvs9apsksy3xze59squ87909u5y5cqzqmvkfjx I am a threat hunter, not an intel analyst; however, I would point out a couple of things here.

First, MOVEit exploiters were mostly ransomware actors, who will buy 0-days but not necessarily develop them.

There's a temporal component here as well. I'd have to check the numbers, and it's still early, but it doesn't seem like there's been a massive uptick in network device 0-days being released since MOVEit, which makes sense given the amount of R&D a brand new 0-day usually takes to develop.

It's also the case that cl0p et al. were not specifically targeting tech companies with MOVEit.

I suppose it's possible that successful compromise of some vendors led to the discovery of undisclosed critical vulns, but that seems like a rarity.

The increased development of network appliance 0-days has been business-as-usual for a while now—at least since CVE-2019-19781 (original Netscaler RCE).