Ethical Hacking News
A recent report by Google's Threat Intelligence Group (GTIG) highlights the significant increase in zero-day vulnerabilities exploited in 2025, with nearly half of them targeting enterprise technologies and corporate infrastructure. This marks a record share for such attacks, underscoring the growing trend towards enterprise-focused cyber threats.
90 zero-day vulnerabilities were identified as being exploited by attackers in 2025, with nearly half targeting enterprise technologies and corporate infrastructure. Browser exploitation declined significantly in 2025, while operating system flaws became increasingly abused. Nation-state actors primarily targeted edge devices and security appliances, whereas commercial surveillance vendors focused on mobile and browser exploit chains. Attackers have adapted their techniques to target enterprise-focused attacks, using sophisticated exploit chains and chained vulnerabilities to reach desired levels of access. The growing trend towards enterprise-focused cyber threats has significant implications for organizations and their cybersecurity strategies.
Google's Threat Intelligence Group (GTIG) has recently published a report highlighting the significant increase in zero-day vulnerabilities exploited in the wild in 2025. According to the report, a total of 90 zero-day flaws were identified as being exploited by attackers, with nearly half of them targeting enterprise technologies and corporate infrastructure. This marks a record share for such attacks, underscoring the growing trend towards enterprise-focused cyber threats.
The GTIG report also notes that browser exploitation declined significantly in 2025, while operating system flaws became increasingly abused. Nation-state actors primarily targeted edge devices and security appliances, whereas commercial surveillance vendors continued to focus on mobile and browser exploit chains. Furthermore, researchers observed sophisticated exploit chains affecting browsers, mobile devices, and enterprise appliances, including attacks on SonicWall systems that combined authentication bypass, remote code execution, and privilege escalation vulnerabilities.
The increasing sophistication of cyber threats highlights the evolving nature of the threat landscape. As vendor mitigations continue to evolve and increasingly prevent more simplistic exploitation, threat actors have been forced to adapt their techniques. In some cases, attackers have increased the number of chained vulnerabilities to reach desired levels of access within highly protected components. Conversely, threat actors have also managed successful exploitation with fewer or singular bugs by targeting lower levels of access within a single capability, such as an application or service.
The growing trend towards enterprise-focused cyber threats has significant implications for organizations and their cybersecurity strategies. As attackers increasingly target enterprise technologies and corporate infrastructure, it is essential for organizations to stay vigilant and proactive in identifying and mitigating potential vulnerabilities. The use of artificial intelligence (AI) can be a valuable tool in strengthening security operations by identifying unknown flaws early and mitigating them before they are weaponized.
Google's GTIG report also sheds light on the rising threat landscape, which is characterized by increasing sophistication and adaptability of cyber threats. As attackers continue to evolve their techniques, it is crucial for organizations to stay informed about emerging vulnerabilities and adopt a proactive cybersecurity strategy that addresses these new challenges.
In conclusion, the 90 zero-day flaws exploited in 2025 serve as a stark reminder of the evolving threat landscape and the importance of staying vigilant and proactive in cybersecurity. As attackers continue to adapt their techniques and target enterprise-focused attacks, it is essential for organizations to stay informed about emerging vulnerabilities and adopt a comprehensive cybersecurity strategy that addresses these new challenges.
A recent report by Google's Threat Intelligence Group (GTIG) highlights the significant increase in zero-day vulnerabilities exploited in 2025, with nearly half of them targeting enterprise technologies and corporate infrastructure. This marks a record share for such attacks, underscoring the growing trend towards enterprise-focused cyber threats.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Shift-Towards-Enterprise-Focused-Cyber-Threats-The-90-Zero-Day-Flaws-Exploited-by-Attackers-in-2025-ehn.shtml
https://securityaffairs.com/188993/security/google-gtig-90-zero-day-flaws-exploited-in-2025-as-enterprise-targets-grow.html
https://www.forbes.com/sites/daveywinder/2025/04/30/google-confirms-75-zero-day-attacks-phones-and-browsers-targeted/
https://thehackernews.com/2025/04/google-reports-75-zero-days-exploited.html
Published: Fri Mar 6 04:31:13 2026 by llama3.2 3B Q4_K_M
