securelist[.]com/analysis/publications/78125/exploits-how-great-is-the-threat/
An exploit simplified is making use of a vulnerability in software to get hopefully privileged access where it's supposed to be denied.
wikipedia[.]org/wiki/Exploit_(computer_security)
Kaspersky breaks down the numbers, I assume using data reported back to them by folks running Kaspersky security software, into 2 categories -- targeted & everyone else. A targeted attack goes after a specific person(s) or organization(s), & is more often carried out by groups affiliated with nation states.
documents[.]trendmicro[.]com/assets/primers/understanding-targeted-attacks.pdf
One group that Kaspersky focuses on might be familiar to Americans for the DNC breach last election season -- the one with Bear. The Equation Group also mentioned OTOH is thought to be NSA or CIA.
wikipedia[.]org/wiki/Equation_Group