Google says 90 zero-days exploited in 2025 as commercial vendor activity grows

A significant surge in zero-day exploits was observed in 2025, with 90 vulnerabilities being exploited by various threat actors, exceeding the 78 instances reported in 2024. This notable increase highlights the growing activity of commercial vendors in the zero-day exploit market. The Google Threat Intelligence Group tracked these exploits, which were used by multiple actors to carry out attacks. The rise in zero-day exploits underscores the importance of prompt patching, as the window for remediation is rapidly shrinking. This trend is particularly concerning, as it indicates that threat actors are increasingly leveraging zero-day vulnerabilities to gain an advantage¹. The fact that Google's systems were targeted by these exploits emphasizes the need for immediate assessment of exposure to these vulnerabilities. This matters to security practitioners because the expanding zero-day market means that the time available to apply patches and mitigate vulnerabilities is dwindling, making swift action crucial to prevent exploitation.