Evolving Zero-Day Exploit Trends
Google’s Threat Intelligence Group reports a slight decline in zero-day exploitations in 2024 compared to 2023, crediting improved secure development practices by major software vendors. Exploits targeting internet browsers dropped by about a third, and mobile operating system vulnerabilities were halved. These results suggest that investments in exploit mitigations are paying off—at least in consumer-facing technologies.
However, attackers are now pivoting to enterprise platforms, which are often less rigorously maintained. In 2024, 44% of zero-day exploits targeted enterprise-specific technologies like Ivanti’s Connect Secure VPN and Palo Alto Networks’ PAN-OS firewall, up from 37% the year before. Security and networking products made up 60% of these attacks, as breaching these systems offers more efficient access to critical infrastructure and sensitive networks.
Also, government-backed cyber-espionage groups and commercial spyware vendors led the charge, accounting for more than 50% of known exploitations. Notably, Google found North Korea tied with China for the number of zero-day attacks attributed to a single nation-state, marking a significant shift in the global threat landscape. Despite 2024’s modest dip, Google warns that the long-term trajectory of zero-day exploitation continues to rise steadily.
Geller, Eric. 2025. “Zero-Day Exploitation Drops Slightly from Last Year, Google Report Finds.” Cybersecurity Dive. Apr. 29.
READ: https://bit.ly/4m5VE8I
