Early Prime Day Deals Roe v. Wade Overturned Surface Laptop Go 2 Review 4th of July Sales M2 MacBook Pro Deals Healthy Meal Delivery Best TVs for Every Budget Noise-Canceling Earbuds Dip to $100

Google Experts Found a Record Number of Zero-Day Security Bugs Last Year

Project Zero detected 58 in-the-wild exploits in 2021.

Getty Images

Project Zero, an in-house team of Google experts and analysts tasked with finding advanced cybersecurity threats known as zero-day vulnerabilities and exploits, detected a record-breaking 58 in-the-wild exploits in 2021, according to a report from the team published Tuesday. 

A zero-day vulnerability refers to security flaws that developers have just become aware of, hence, they've "zero days" to fix or "patch" it. When gone undetected, such flaws could lead to data breaches and ransomware attacks. Last year, Microsoft warned users of zero-day vulnerabilities in Windows 10 and other software, including Microsoft Exchange and Microsoft Office, before promptly issuing security update patches for more than 100 potential risks.

Since forming in 2014, Project Zero's highest number of detected and disclosed zero-day exploits came in 2015 with a total of 28, less than half those detected in 2021. The contrast was even higher year over year, with only 20 zero-day exploits detected and disclosed in 2020.

The spike may indicate a growing trend of cyberattacks, which have risen during the ongoing COVID-19 pandemic and the gaining popularity of cryptocurrency, but Project Zero says the likely culprit is improvements in detecting and reporting zero-day occurrences. The report stated that the vast majority of zero-day exploit uses are "similar to previous [and] publicly known vulnerabilities," with only two events that stood out for its "technological sophistication" or logic. So, in spite of the increase in detected zero-days, your online security doesn't appear to be in any more danger than previous years, at least when it comes to zero-day vulnerabilities.

That's not to minimize the risk of zero-day vulnerabilities, however. Online security is still and always will be a concern for individuals and businesses. One way to protect yourself against malware and ransomware is to ensure your software is up to date -- those patches and updates are released for a reason. Using a good VPN and antivirus software can also help keep your connection safe and secure. In the meantime, Project Zero will continue working towards their goal, which is to simply "make 0-day hard."

Google didn't respond to a request for additional comment.