Google’s Threat Intelligence Group reported 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with operating systems and mobile devices increasingly targeted and Microsoft, Google, Apple, and Cisco among the most affected vendors. Attribution links 42 zero-days to specific actors—commercial surveillance vendors exploited the largest share and PRC‑nexus groups such as UNC5221 and UNC3886 focused on security and edge appliances—while nearly half of the flaws targeted enterprise technologies, and Google warns AI will amplify both attack and defense capabilities in 2026. #UNC5221 #UNC3886
Keypoints
- Google tracked 90 zero-days in 2025, up from 78 in 2024.
- Microsoft accounted for the largest share with 25 exploited zero-days.
- Operating systems were the most targeted category (44%), and mobile zero-days increased to 15, often chained.
- Commercial surveillance vendors led attributed exploitations, and PRC‑nexus groups like UNC5221 and UNC3886 remained active.
- Nearly half of the zero-days affected enterprise networking and security appliances, and AI is expected to shape both offense and defense in 2026.
Read More: https://www.securityweek.com/google-half-of-2025s-90-exploited-zero-days-aimed-at-enterprises/