“Software vendors are constantly on the watch for so-called ‘zero day’ vulnerabilities–flaws in their code that hackers find and exploit before the first day companies become aware of them. But the term ‘zero-day’ doesn’t capture just how early hackers’ head-starts often are: Day zero, it seems, often lasts more than 300 days.”
Source: Hackers Exploit ‘Zero-Day’ Bugs For 10 Months On Average Before They’re Exposed – Forbes