Google: Governments are using zero-day hacks more than ever

GTIG/Google observed a shift in 2024 toward enterprise-targeted zero-day attacks: 33 of 75 zero-days were aimed at enterprise technologies and security systems, and Google attributed 34 of the 75 attacks—23 of which were linked to governments (notably China and North Korea) and eight to commercial surveillance vendors such as NSO Group and Cellebrite. The report highlights state-sponsored espionage and financially motivated campaigns (including crypto theft), lists affected vendors (Microsoft, Google, Ivanti), and urges enterprises to improve detection, implement redundancy, and tighten access controls.