ALL POSTS

Key Findings Google's Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024 Nearly half of the flaws (43, or 48%) targeted enterprise technologies, marking a record share and confirming a shift toward enterprise-focused attacks Browser exploitation declined to historic lows, while operating system flaws were increasingly abused Nation-state actors mainly targeted edge devices and security appliances, while co

Key Findings Google's Threat Intelligence Group (GTIG) identified a powerful new iOS exploit kit called Coruna (also known as CryptoWaters) The kit targets Apple iPhones running iOS versions 13.0 through 17.2.1 It includes five full exploit chains and a total of 23 exploits The kit is highly effective against the targeted iOS versions, but is ineffective against the latest iOS release Background GTIG first captured parts of an iOS exploit chain used by a customer of a surveil

Key Findings: Google Threat Intelligence Group (GTIG), Mandiant, and partners disrupted a global espionage campaign by UNC2814, a suspected China-linked cyber espionage group UNC2814 had breached at least 53 organizations across 42 countries, primarily targeting telecommunications and government sectors The group used a novel backdoor called GRIDTIDE that leveraged legitimate Google Sheets API functions for command-and-control GTIG took coordinated action to disrupt UNC2814's