Google has created a new initiative called Project Zero where it aims to hire superstar hackers and use them to improve intent security. Their goal will be to use their expertise and Google's resources to find security issues with foundational internet technologies.

Zero-day back market

Newly discovered security issues (bugs, vulnerabilities or anything exploitable) that have not yet been announced are called zero day vulnerabilities. there is a healthy black market buying and selling these vulnerabilities (typical buyers are organized crime, criminals or intelligence agencies). The fact that these are unknown by the manufacturers or general population is what makes these more easily exploitable vulnerabilities worth so much.

In the blog post announcing Project Zero, Google says

Google is committed to responsible handling of discoveries which means they will first notify affected vendors, give them time to patch the security vulnerabilities before announcing it to the world. 

Google Blog post announcing Project Zero (link)

Database where vulnerabilities will be made public for the general public and academic research (link)