Google: 70% of exploited flaws disclosed in 2023 were zero-days

Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software.

Specifically, of the 138 vulnerabilities disclosed as actively exploited in 2023, Mandiant says 97 (70.3%) were leveraged as zero-days.

This means that threat actors exploited the flaws in attacks before the impacted vendors knew of the bugs existence or had been able to patch them.