Security News > 2023 > March > Hackers mostly targeted Microsoft, Google, Apple zero-days in 2022
Hackers continue to target zero-day vulnerabilities in malicious campaigns, with researchers reporting that 55 zero-days were actively exploited in 2022, most targeting Microsoft, Google, and Apple products.
According to Mandiant, most of last year's zero-day flaws were exploited by Chinese state-sponsored actors and most concerned operating systems, web browsers, and network management products.
In 2021, threat actors exploited 80 zero-day flaws in various products to perform security breaches, so the last year shows a slight decline.
Still, 2022 surpasses all other years regarding the number of zero days flaws actively exploited.
Out of the 55 zero-day flaws exploited in 2022, 13 were exploited by cyber-espionage groups, while Chinese cyberspies leveraged 7.
Regarding the targeted products, Windows was affected by 15 zero-day flaws in 2022, Chrome comes second with nine actively exploited vulnerabilities, iOS third with 5 zero days, and macOS fourth with four zero-day problems.
News URL
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)