# Zero-Day Attacks on Enterprise Software Reach Record High: What You Need to Know
The number of zero-day vulnerabilities discovered in enterprise software and appliances has reached an all-time high, according to a report released by Google's Threat Intelligence Group (GTIG). The findings are a stark warning for organizations that rely on these systems for their operations. In this article, we'll delve into the details of the report, highlighting the key statistics and takeaways.
The GTIG analysis reveals that 90 zero-day vulnerabilities were actively deployed by cyber attackers in 2025, with 43% targeting enterprise software and appliances. This represents a significant increase from the 36% tracked in 2024. The shift toward enterprise infrastructure as a primary target for exploitation is underscored by this trend.
Security and networking solutions are particularly vulnerable to zero-day attacks, accounting for nearly half of the exploits. These devices often sit at the edge of the network, making them an attractive target for attackers who seek to exploit vulnerabilities in privileged infrastructure components. By targeting edge devices, attackers can gain unauthorized access to the wider network, increasing the potential for code execution and broader network disruption.
The report highlights that while targeting enterprise applications is on the rise, end users remain the most common target for zero-day exploitation. In 2025, 52% of tracked zero-days were used to exploit end-user platforms and products, with operating systems being the most targeted product, accounting for 27% of the tracked vulnerabilities.
Microsoft Windows was the most targeted operating system by zero-days, while mobile operating systems saw a notable increase in targeting during 2025. The number of browser-based zero-day vulnerabilities dropped to 9%, described as a "historical low." This could be attributed to browsers being better secured or attackers' improved operational security making their activity more difficult to track.
The report also notes that nine zero-days were linked to attacks by financially motivated threat groups, including two ransomware operations. This represents nearly double the five zero-days attributed to financially motivated threat actors in 2024.
In conclusion, the record high number of zero-day vulnerabilities targeting enterprise software and appliances is a pressing concern for organizations. To stay ahead of these threats, defenders must prioritize security awareness, segmentation, and least privilege access. Continuous monitoring, anomaly detection, and refined alerting capabilities can help detect and respond to threats in real-time.
As Google GTIG warned, "System architectures should be designed and built with ingrained security awareness, enabling inherent segmentation and least privilege access." By taking proactive measures to secure their systems and networks, organizations can reduce the risk of zero-day attacks and protect themselves against the evolving threat landscape.
# Key Takeaways:
* 90 zero-day vulnerabilities were actively deployed by cyber attackers in 2025. * 43% targeted enterprise software and appliances, a significant increase from 36% in 2024. * Security and networking solutions are particularly vulnerable to zero-day attacks. * End users remain the most common target for zero-day exploitation, accounting for 52% of tracked vulnerabilities. * Microsoft Windows was the most targeted operating system by zero-days.
# Staying Ahead of Zero-Day Threats
To protect yourself against zero-day attacks, consider the following best practices:
* Prioritize security awareness and segmentation. * Implement least privilege access to prevent unauthorized access. * Continuously monitor systems and networks for anomalies. * Use refined alerting capabilities to detect threats in real-time. * Regularly update and patch your systems to stay ahead of known vulnerabilities.
By taking these measures, you can reduce the risk of zero-day attacks and protect yourself against the evolving threat landscape.