What is a Zero-Day Exploit?
An attack that exploits a previously unknown software vulnerability, giving defenders zero days to prepare a patch before it's used in the wild.
Zero-day exploits are the most dangerous class of software attacks because no patch exists when they're first used.
The Market
- White market: Researchers sell to vendors through bug bounty programs ($10K-$1M+)
- Gray market: Sold to governments and intelligence agencies ($100K-$2.5M+)
- Black market: Sold to criminals ($10K-$500K)
Notable Zero-Days
- Stuxnet: Used multiple zero-days to destroy Iranian nuclear centrifuges
- Pegasus: NSO Group's spyware uses chains of zero-days for phone exploitation
- EternalBlue: NSA-developed exploit leaked and used in WannaCry ransomware
Protection
- Keep all software updated (patches close zero-days after discovery)
- Use defense-in-depth (don't rely on any single security control)
- Reduce attack surface (fewer apps = fewer potential zero-days)
- Use Lockdown Mode on iPhone if you're a high-value target
- Sandbox untrusted applications
Related Terms
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. Malware includes viruses, ransomware, spyware, trojans, and worms—each with different infection methods and objectives.
Pegasus Spyware
A sophisticated spyware tool developed by NSO Group that can silently compromise smartphones through zero-click exploits, giving full access to the device.
Supply Chain Attack
An attack that compromises a target by infiltrating a trusted supplier, vendor, or software dependency in their supply chain.