{"id":193616,"date":"2026-03-06T10:40:00","date_gmt":"2026-03-06T15:40:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/06\/nearly-half-of-exploited-zero-day-flaws-target-enterprise-grade-technology\/"},"modified":"2026-03-07T06:00:21","modified_gmt":"2026-03-07T11:00:21","slug":"nearly-half-of-exploited-zero-day-flaws-target-enterprise-grade-technology","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/06\/nearly-half-of-exploited-zero-day-flaws-target-enterprise-grade-technology\/","title":{"rendered":"Nearly half of exploited zero-day flaws target enterprise-grade technology"},"content":{"rendered":"

Nearly half of exploited zero-day flaws target enterprise-grade technology<\/a><\/p>\n

https:\/\/www.cybersecuritydive.com\/news\/half-exploited-zero-day-flaws-enterprise-grade-technology\/814021\/<\/a><\/p>\n

Publish Date: 2026-03-06 10:40:00<\/a><\/p>\n

Source Domain: www.cybersecuritydive.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

A total of 90 zero-day vulnerabilities were exploited in the wild in 2025, according to a report released Thursday\u00a0by Google Threat Intelligence Group.
\nOf that total, almost half of the exploited vulnerabilities were used against enterprise-grade technology,\u00a0marking an all-time high.\u00a0
\nExploitation from state-sponsored groups targeted networking and security tools with a strong emphasis on edge devices, which often lack endpoint detection and response capabilities, according to GTIG researchers.\u00a0
\nChina-nexus groups remain the most prolific state-sponsored groups, with a long history of detailed knowledge of vulnerable devices.\u00a0
\n\u201cThey have a significant zero-day development ecosystem that includes industry, academia, and government,\u201d John Hultquist, chief analyst at GTIG, told Cybersecurity Dive.<\/p>\n

At least 10 zero-days were attributed to China-nexus espionage groups in 2025, which is double the figure from 2024, wrote GTIG researchers. Among the notable campaigns, a threat actor tracked as UNC3886 exploited an improper isolation flaw in Juniper MX routers, tracked as CVE-2025-21590.
\nA China-nexus group tracked as UNC5221 was more recently linked to attacks involving Brickstorm malware.\u00a0
\nThe report warns that AI will become increasingly more important to scale and accelerate threat activity. Hackers will increasingly use AI to conduct reconnaissance, discover new vulnerabilities and develop exploits.
\n\u201cVulnerability discovery and weaponization and exploit deployment can all be enhanced with these capabilities, creating potential for exploitation to be faster than ever before,\u201d Casey Charrier, senior vulnerability intelligence analyst at GTIG, told Cybersecurity Dive.
\nIn a notable shift, GTIG researchers said commercial surveillance vendors were involved in more than one-third of zero-day attacks, surpassing state-sponsored espionage groups for the first time. Out of 42 unique zero-days that were attributed to specific actors, surveillance vendors were involved in 15, while state-linked groups were involved in 12.\u00a0
\n\u201cThese vendors are primary drivers of the zero-day market, often offering turn-key solutions for the entire attack life cycle,\u201d said James Sadowski, CTI analyst at Google.\u00a0
\nThese vendors develop what is commonly known as spyware and focus largely on exploiting mobile devices and web browsers.\u00a0<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Nearly half of exploited zero-day flaws target enterprise-grade technology https:\/\/www.cybersecuritydive.com\/news\/half-exploited-zero-day-flaws-enterprise-grade-technology\/814021\/ Publish Date: 2026-03-06 10:40:00 Source…<\/p>\n","protected":false},"author":1,"featured_media":193617,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/zwGX2oKa6JWaaHQs6CqyycxeysPKKxLAdOW1V-Pc9Xs\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9maXJld2FsbC5qcGc=.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,32,34,27],"class_list":["post-193616","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-malware","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193616"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=193616"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193616\/revisions"}],"predecessor-version":[{"id":193618,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193616\/revisions\/193618"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/193617"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=193616"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=193616"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=193616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}