Spyware and zero-day exploits increasingly go hand-in-hand, researchers find

The Google Threat Analysis Group and Mandiant report finds 97 zero-day vulnerabilities exploited in the wild in 2023, with commercial surveillance vendors driving a majority of mobile and browser zero-day exploitation (64% of mobile/browser cases). The analysis notes that CSVs provide sophisticated pay-to-play exploit chains and infrastructure, that most spyware zero-day activity targeted Google/Android and Apple/iOS products, and that state and state-linked actors (notably China and a reported Belarus-linked group) continue to use zero-days, prompting policy responses on spyware use.