A zero-day attack refers to the exploitation of a software vulnerability that the software vendor is unaware of, and for which there is no official fix or patch. The term "zero-day" refers to the fact that the developers have zero days to address the issue since it is exploited on the same day that it becomes known.