Microsoft patches 6 zero-days under active exploit
arstechnica.com> zero days under active exploit
Doesn't zero day already mean that?
zero day can be either a vulnerability that has or has not been actively used by the bad guys. I would suspect as soon as it becomes "known" though that all state actors and black hacker "orgs" have teams on the ready to exploit them as soon as they're discovered/announced, mostly through partially compromised machines.