A zero-day exploit is a piece of software or a hardware vulnerability exploited by hackers before the developer of the vulnerable software discovers and publicly releases a fix.
Zero-day exploits are especially pernicious because they target zero-day vulnerabilities for which no patch yet exists, leaving your systems completely exposed at the time of discovery.
In other words, a Zero-day exploit attack happens before the patch is made available to fix that particular vulnerability, and victims of an insight zero-day attack are left with no remedy.
Zero-day exploits are used mainly by cybercriminals and advanced persistent threat (APT) actors to target victims and spread malware infection on a massive scale. Since zero-day exploits are used in the wild before the developers of vulnerable software are aware of them. They are potent tools attributed to cyber crime or nation-state attack campaigns.