The 0-day exploits market was there for some time, but it was always a underground black hats territory. I’m sure that the government agencies have been buying offensive security tools but I have never seen open advertisement from a big company selling those type of things. Apparently the time is changing. VUPEN (if the name rings a bell its not by accident – they have issued big number of vulnerability advisories in the last 6 years) openly advertise their 0-day exploits available for sail to national security agencies. Its a bit twisted and pervert for my taste. It sounds like an open advertisement for selling guns to the governments or may be I’m just getting old.