Google Threat Intelligence Group Warns Enterprise Systems Increasingly Targeted By Zero-Day Exploits
siliconANGLE, Thursday, March 5th, 2026
A new report out today from Google LLC's Threat Intelligence Group finds that zero-day vulnerability exploitation remained elevated in 2025 as attackers increasingly targeted enterprise infrastructure and security appliances rather than traditional consumer software.
A zero-day vulnerability is a previously unknown software vulnerability that attackers exploit before the vendor has had zero days to fix or patch it.
Google's TIG's 'Look What You Made Us Patch: 2025 Zero-Days in Review,' the company's annual zero-day report, details that Google's researchers tracked 90 zero-day vulnerabilities through 2025. That's down from a record of 100 in 2023 but higher than the 78 recorded in 2024.
By category, 43 exploited zero-days in 2025 targeted enterprise software and infrastructure such as networking devices, security appliances and virtualization platforms. Security and networking appliances accounted for roughly half of those enterprise-related vulnerabilities.