Google says half of all zero-days it tracked in 2025 targeted buggy enterprise tech

Google’s annual review found an increase in zero-day exploitation focused on enterprise devices — about 48% of tracked zero-days affected corporate technologies such as firewalls, VPNs, and virtualization platforms from vendors including Cisco, Fortinet, Ivanti, and VMware — and reported active exploitation in customer networks; the report also details Clop’s campaign against Oracle E-Business Suite that resulted in theft of HR and executive data from multiple organizations.