<aside> <img src="/icons/skull-profile_gray.svg" alt="/icons/skull-profile_gray.svg" width="40px" /> A zero-day is a vulnerability in software or hardware that is typically unknown to the vendor and for which no patch or other fix is available.

</aside>

<aside> <img src="/icons/skull-profile_gray.svg" alt="/icons/skull-profile_gray.svg" width="40px" /> Zero-day exploits are attacks that target previously unknown vulnerabilities

</aside>

Zero-Day Exploits and Value

• Zero-day exploits are significant in the cybersecurity world and can be lucrative
• Bug bounty hunters can earn money by discovering zero-day vulnerabilities
• Zero-days are also sold to government agencies, law enforcement, and criminals
• Threat actors save zero-days for high-value targets, using generic malware for initial attempts
• An up-to-date antivirus can detect known vulnerabilities’ exploitation
• Countries and nation states may stockpile zero-days for espionage and strategic operations