The Mandiant Threat Intelligence team and Google's Project Zero security team identified a significant jump last year in security vulnerabilities that threat actors exploited before a patch became available. Mandiant recorded 80 security vulnerabilities in the previous year, while Google identified 58 zero-days exploited in the wild before being patched.
Mandiant found that the proportion of financially motivated actors — particularly ransomware groups — deploying zero-day exploits also grew significantly, and nearly 1 in 3 identified actors exploiting zero-days in 2021 was financially motivated.