Increase in Zero-Day Exploits in 2025

First reported

05.03.2026 17:03

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Google Threat Intelligence Group (GTIG) reported tracking 90 zero-day vulnerabilities exploited in 2025, a 15% increase from 2024. Nearly half targeted enterprise software and appliances. Memory safety issues accounted for 35% of these exploits. Commercial spyware vendors were the largest users of zero-days, surpassing state-sponsored groups. China-linked espionage groups remained the most active among state actors, while financially motivated actors also increased their use of zero-days. The most targeted enterprise systems included security appliances, networking infrastructure, VPNs, and virtualization platforms. Google recommends reducing attack surfaces, continuous monitoring, and rapid patching to mitigate risks.

Timeline

05.03.2026 17:03 1 articles · 2h ago

GTIG Reports 90 Zero-Day Exploits in 2025
Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities exploited in 2025, a 15% increase from 2024. Nearly half targeted enterprise software and appliances. Memory safety issues accounted for 35% of these exploits. Commercial spyware vendors were the largest users of zero-days, surpassing state-sponsored groups. China-linked espionage groups remained the most active among state actors, while financially motivated actors also increased their use of zero-days.
Show sources

Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03
Open in new tab

Information Snippets

GTIG tracked 90 zero-day vulnerabilities exploited in 2025, a 15% increase from 2024.
First reported: 05.03.2026 17:03

1 source, 1 article
Show sources
- Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03
47 zero-days targeted end-user platforms, while 43 targeted enterprise products.
First reported: 05.03.2026 17:03

1 source, 1 article
Show sources
- Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03
Memory safety issues accounted for 35% of all exploited zero-day vulnerabilities in 2025.
First reported: 05.03.2026 17:03

1 source, 1 article
Show sources
- Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03
Commercial spyware vendors were the largest users of zero-days, surpassing state-sponsored espionage groups.
First reported: 05.03.2026 17:03

1 source, 1 article
Show sources
- Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03
China-linked espionage groups exploited 10 zero-days in 2025, targeting edge devices, security appliances, and networking equipment.
First reported: 05.03.2026 17:03

1 source, 1 article
Show sources
- Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03
Financially motivated actors accounted for nine zero-day exploits in 2025.
First reported: 05.03.2026 17:03

1 source, 1 article
Show sources
- Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03
Google recommends reducing attack surfaces, continuous monitoring, and rapid patching to mitigate zero-day risks.
First reported: 05.03.2026 17:03

1 source, 1 article
Show sources
- Google says 90 zero-days were exploited in attacks last year — www.bleepingcomputer.com — 05.03.2026 17:03

Summary

Timeline

GTIG Reports 90 Zero-Day Exploits in 2025

Information Snippets