Google says that half of all zero days it has targeted in 2025 will be for business technology

A new Google report found that nearly half of the zero-day bugs it tracked last year used enterprise tools, indicating a new boom in hackers finding new ways to infiltrate large companies and steal their data.

According to the search and security giant annual report48% of zero-tracked days – weaknesses in software that are not known to their developers at the time of use – were found in technologies used by organizations and large businesses. About half of those zero days used tools designed to protect businesses from going digital.

Google said security tools and networks, such as firewalls created by Cisco and Fortinetand VPN and virtualization platforms like Let me know and VMwarewere among the most anticipated sellers last year. All four companies said hackers used their products against customers in recent months.

Google researchers said that hackers used common flaws, such as login authentication and insufficient authorization processes, to bypass the security measures of firewalls and VPNs to gain access to customer networks. These categories of bugs are usually easy to use, but often require software updates to fix.

The company also pointed to other simple programs that make up the remaining half of business days. Google noticed a campaign by the terrorist group Clop against customers of Oracle E-Business Suite, which allows hackers to get away with criminals. human data from many companies of co-workers and supervisors. Hacks were involved Harvard Universityand American Airlines Envoy Assistantand The Washington Postamong others.

The remaining 52% of zero-day bugs were found in consumer and end-user products, such as those made by Microsoft, Google, and Apple, according to the report. The majority of zero days in consumer apps were found in operating systems, while mobile devices also saw more zero days than in previous years.

Google said it also reported that most zero-days were targeted by vendors rather than government-sponsored spying groups. Monitoring vendors are often spyware and exploit developers, who work on behalf of governments to hack into people’s phones. Google said the change reflects a “slow but sure trend” in how governments acquire hacking tools.