Four in-the-wild zero-days in Chrome, Safari, and Internet Explorer browsers were exploited by malicious actors in different campaigns since the start of the year. Three of the four vulnerabilities were engineered by commercial providers and sold to and used by government-backed actors. Google did not disclose the identities of the exploit broker or the two threat actors that used the vulnerabilities as part of their attacks. The Internet Explorer flaw was used in a campaign targeting Armenian users with malicious Office documents that loaded web content within the web browser.
Source: https://thehackernews.com/2021/07/google-details-ios-chrome-ie-zero-day.html