In September 2014, the ShellShock vulnerability was discovered and announced to the world. This vulnerability could allow an attacker to execute any command on a Unix-based system that uses the Bash command shell. Soon after this vulnerability was announced, hackers made millions of penetration attempts per day, with some apparent success.
New vulnerabilities are found everyday. What makes this one interesting is that the underlying bug, which is exploited in the attack, has existed in Bash since version 1.03, which was released in September 1989. Yes, this was waiting 25 years to be found.