What term refers to a previously unknown software exploit that can be used by an attacker before developers are aware of the risk?

The term that describes a previously unknown software exploit, which attackers can leverage before the software developers are aware of its existence and can address it, is "zero-day." A zero-day exploit takes advantage of a vulnerability that has not yet been patched or mitigated, allowing attackers to operate undetected and create significant damage or data breaches.

This is a critical concept in cybersecurity as it highlights the importance of promptly applying security updates and patches once they become available. Since these exploits are often used in targeted attacks, they pose a high risk to organizations, especially if they rely on unpatched software.

The other terms do not accurately capture this concept. An exploit kit refers to a toolkit used to exploit vulnerabilities but does not specify the unknown status of exploits. A backdoor is a method of bypassing normal authentication or encryption, which can be installed in software but is not synonymous with an unknown exploit. Patch vulnerability refers to the weaknesses that remain in software despite patches being available, which is a different scenario than a zero-day exploit.