Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises

6 days, 7 hours ago securityweek

Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead.

Google’s Threat Intelligence Group (GTIG) reported on Thursday that 90 zero-day vulnerabilities were exploited in the wild in 2025, and an increasing percentage were aimed at enterprises.

In comparison, the company tracked 78 zero-days in 2024 and 100 in the previous year.

The number of zero-days seen by Google every year

In 2025, Microsoft accounted for 25 of the zero-days, followed by Google (11), Apple (8), and Cisco (4).

Operating systems (both mobile and desktop) were the most targeted, increasing from 40% of the total in 2024 to 44% in 2025.

Mobile device zero-days also increased, from 9 vulnerabilities in 2024 to 15 in 2025. However, in the case of mobile exploits, Google noted that in many cases three or more flaws were chained to achieve ...

Copyright of this story solely belongs to securityweek . To see the full text click HERE

Share: