Security News > 2023 > March > Hackers mostly targeted Microsoft, Google, Apple zero-days in 2022

Hackers continue to target zero-day vulnerabilities in malicious campaigns, with researchers reporting that 55 zero-days were actively exploited in 2022, most targeting Microsoft, Google, and Apple products.
According to Mandiant, most of last year's zero-day flaws were exploited by Chinese state-sponsored actors and most concerned operating systems, web browsers, and network management products.
In 2021, threat actors exploited 80 zero-day flaws in various products to perform security breaches, so the last year shows a slight decline.
Still, 2022 surpasses all other years regarding the number of zero days flaws actively exploited.
Out of the 55 zero-day flaws exploited in 2022, 13 were exploited by cyber-espionage groups, while Chinese cyberspies leveraged 7.
Regarding the targeted products, Windows was affected by 15 zero-day flaws in 2022, Chrome comes second with nine actively exploited vulnerabilities, iOS third with 5 zero days, and macOS fourth with four zero-day problems.
News URL
Related news
- Google fixes Chrome zero-day exploited in espionage campaign (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Apple backports zero-day patches to older iPhones and Macs (source)
- North Korean Hackers Disguised as IT Workers Targeting UK, European Companies, Google Finds (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google’s Sec-Gemini v1 Takes on Hackers & Outperforms Rivals by 11% (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)