It's a computer vulnerability or exploit which has not been discovered before (or at least the software developer wasn't aware of it).

0-day comes from the number of days the software developers have been informed of the vulnerability. Normally security researchers will tell a company about an exploit and give them some time to fix it before telling the public.

It's a vulnerability that's discovered and exploited before it's known to or addressed by the maker/vendor. So in this case, the North Korean hackers were exploiting an unknown vulnerability in a software package commonly used by security researchers.