Half of 2025’s Zero-Day Attacks Targeted Flawed Enterprise Tech

Summary
– Google’s report found that 48% of tracked zero-day vulnerabilities last year were in technologies used by corporations, marking a new high for enterprise targeting.
– About half of those enterprise zero-days exploited the security and networking devices, like firewalls and VPNs, that are designed to protect corporate networks.
– Hackers commonly exploited basic flaws, such as input validation errors, to breach these defenses; the flaws require software updates to fix.
– The remaining 52% of zero-days were in consumer products, with most found in operating systems and an increase seen on mobile devices.
– Google attributed more zero-days to commercial surveillance vendors than to traditional state-backed groups, indicating a shift in how governments acquire hacking tools.

A recent analysis reveals a significant shift in the cybersecurity landscape, with enterprise technology now bearing the brunt of sophisticated attacks. Approximately half of all zero-day vulnerabilities exploited in 2023 targeted corporate systems, setting a concerning new record. These attacks, which exploit software flaws unknown to the vendor, increasingly focus on the very infrastructure designed to protect large organizations.
The data indicates that 48% of tracked zero-days were found in technologies used by corporations. Even more alarming, many of these attacks successfully compromised security and networking devices themselves. Products like firewalls from Cisco and Fortinet, alongside VPN and virtualization platforms from Ivanti and VMware, were among the most frequently targeted. Hackers leveraged common weaknesses, such as flawed input validation and insufficient authorization checks, to breach these defensive perimeters and infiltrate customer networks.
Beyond perimeter security, other enterprise software contributed to the problem. Researchers highlighted a campaign by the Clop extortion gang that exploited vulnerabilities in Oracle’s E-Business Suite. This attack resulted in the theft of extensive human resources data from numerous organizations, including Harvard University and the Washington Post. These incidents underscore how a single flaw in critical business software can lead to widespread data exposure.
While enterprise tech faced intense scrutiny, consumer products were not immune. The remaining 52% of zero-day bugs affected end-user software from major vendors like Microsoft, Google, and Apple. Operating systems were the primary target in this category, with mobile devices experiencing a notable increase in discovered vulnerabilities compared to prior years.
The report also identified a noteworthy trend in attribution. More zero-day exploits were linked to commercial surveillance vendors than to traditional state-sponsored espionage groups. These vendors, which develop spyware and hacking tools for government clients, represent a growing segment of the threat ecosystem. This shift points to an evolving model where governments increasingly procure sophisticated intrusion capabilities from the private market rather than developing them in-house.
(Source: TechCrunch)

