US EditionGoogle: Spyware Vendors, China-Linked Spies Led 0-Day Abuse
Google Threat Intelligence Group tracked 90 zero-day exploits in 2025, with 48% targeting enterprise security and networking devices lacking endpoint detection and response coverage.
- Last year, Google Threat Intelligence Group tracked 90 zero-day vulnerabilities exploited in the wild, a 15% rise from 2024 and split into 47 end-user and 43 enterprise hits.
- Commercial surveillance vendors such as NSO Group, Intellexa, and Candiru led the shift as attackers focused on enterprise infrastructure including edge devices, security appliances, and networking equipment.
- GTIG attributed 42 of the zero-days to identifiable actor types, including 15 exploited by CSVs, while Microsoft was the top vendor hit with 25 zero-days last year.
- About half of the exploited bugs affected protective devices, impacting Harvard University and Envoy; GTIG mitigation recommendations include reducing attack surfaces and rapid patching.
- Google reports that memory-safety issues accounted for 35% of exploited zero-day vulnerabilities last year, with nine zero-days exploited by financially motivated actors, and Sadowski said, 'In particular, PRC-nexus espionage groups exploited the highest number of enterprise tech zero-days we attributed.
14 Articles
14 Articles
Google says half of all zero-days it tracked in 2025 targeted buggy enterprise tech
Enterprise software was a major focus of zero-day activity during 2025, with security and networking devices, like firewalls, VPNs, and virtualization platforms, among the top targeted by malicious hackers.
Google Reports 2025 Zero-Days Exploits Targeted the Very Tools Meant to Stop Them
You would think that companies that employ enterprise-grade software would focus on security. After all, you don’t want trade secrets like upcoming plans, contracts, payroll, and stuff to leak or be stolen, right? But surprisingly, according to Google, half of the zero-day exploits it tracked targeted enterprise tech. Google says half of zero-day exploits belong to enterprise tech According to the Google Threat Intelligence group, it tracked 90 …
Google has just released its annual report on zero-day faults. In 2025, its intelligence team counted 90 exploited vulnerabilities before being corrected. Nearly half were for corporate equipment, a record, and spyware sellers are ranked first. 90 faults, 43 against companies The Google Threat Intelligence Group followed 90 zero-day faults exploited in nature in 2025, compared to 78 in 2024 and 100 in 2023. The overall figure remains within the …
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
