Signal

Surge in Zero-Day Exploitation Targets Enterprises in 2025

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-03-05 10:00 UTCUpdated 2026-03-05 23:52 UTC

rss

exploited_zero

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (6)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (4 domains)

4 top sources shown

Google says spyware makers and China-linked groups dominated zero-day attacks last year

The Register Security · News · go.theregister.com · 2026-03-05 23:52 UTC

Viable defense strategies against zero days and supply chain risks

SC Media · News · scworld.com · 2026-03-05 16:43 UTC

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises

SecurityWeek · News · securityweek.com · 2026-03-05 15:00 UTC

Google says 90 zero-days exploited in 2025 as commercial vendor activity grows

The Record (Recorded Future News) · News · therecord.media · 2026-03-05 14:48 UTC

View all evidence

Overview

In 2025, the exploitation of zero-day vulnerabilities surged, particularly against enterprise technologies, with spyware vendors leading the charge over nation-state actors. Google reported 90 exploited zero-days, with a significant portion attributed to state-sponsored groups, especially those linked to China.

Score total

1.54

Momentum 24h

6

Posts

6

Origins

6

Source types

1

Duplicate ratio

0%

Why now

Recent reports highlight a record number of zero-day vulnerabilities exploited in 2025.
The increasing focus on enterprise technologies underscores the need for enhanced security.
The evolving landscape of cyber threats requires immediate attention from organizations.

Why it matters

The rise in zero-day exploitation poses significant risks to enterprise security.
Understanding the shift towards spyware vendor activity can inform defense strategies.
State-sponsored groups remain a critical threat, necessitating robust cybersecurity measures.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: high

Recurring claims

In 2025, 90 zero-day vulnerabilities were exploited, with 43 targeting enterprise technologies.
Spyware vendors exploited more zero-days than nation-state actors last year.
State-sponsored groups, particularly those linked to China, were among the most prolific exploiters of zero-days.

How sources frame it

Google Threat Intelligence Group: neutral

All evidence

All evidence

Google says spyware makers and China-linked groups dominated zero-day attacks last year

The Register Security · go.theregister.com · 2026-03-05 23:52 UTC

Viable defense strategies against zero days and supply chain risks

SC Media · scworld.com · 2026-03-05 16:43 UTC

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises

SecurityWeek · securityweek.com · 2026-03-05 15:00 UTC

Google says 90 zero-days exploited in 2025 as commercial vendor activity grows

The Record (Recorded Future News) · therecord.media · 2026-03-05 14:48 UTC

Look What You Made Us Patch: 2025 Zero-Days in Review

Mandiant Blog · cloud.google.com · 2026-03-05 14:00 UTC

Spyware suppliers exploit more zero-days than nation states

ComputerWeekly IT Security · computerweekly.com · 2026-03-05 10:00 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 6Origin domains: 6Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 6 / 0

Top publishers (this list)

The Register Security (1)
SC Media (1)
SecurityWeek (1)
The Record (Recorded Future News) (1)
Mandiant Blog (1)
ComputerWeekly IT Security (1)

Top origin domains (this list)

go.theregister.com (1)
scworld.com (1)
securityweek.com (1)
therecord.media (1)
cloud.google.com (1)
computerweekly.com (1)