Researchers tracking the exploitation of previously undisclosed vulnerabilities found that commercial spyware firms are increasingly responsible for leveraging such zero-day flaws against mobile phones and other consumer-oriented devices, according to a report published Wednesday. The joint report from Google’s Threat Analysis Group and Google-owned Mandiant determined that in 2023, spyware produced by commercial surveillance vendors (CSVs) were responsible for 64% of known exploited mobile and browser zero-day vulnerabilities.
Source: Cyberscoop