China-linked UNC6384 exploits Windows zero-day to spy on European diplomats
The China-linked APT group UNC6384 exploits a Windows zero-day in an active cyber espionage campaign targeting European diplomats. Arctic Wolf Labs researchers uncovered a cyber espionage campaign by China-linked APT UNC6384 targeting diplomatic entities in Hungary, Belgium, and other EU nations. UNC6384, a China-nexus actor recently detailed by Google TAG, has expanded from targeting Southeast […]
Pierluigi Paganini
November 01, 2025

Arctic Wolf Labs researchers uncovered a cyber espionage campaign by China-linked APT UNC6384 targeting diplomatic entities in Hungary, Belgium, and other EU nations.
Related breach coverage
- Windows zero-day actively exploited to spy on European diplomats (2025-10-31)
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. [...]
- From phishing to Google Drive C2: Silver Dragon expands APT41 playbook (2026-03-04)
APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, an APT group tied to the China-linked group APT41, targeting government entities in Europe and Southeast Asia since mid-2024. The group gains initial access by exploiting […]
- Diplomatic entities in Belgium and Hungary hacked in China-linked spy campaign (2025-10-30)
A cyber-espionage operation attributed to China used the PlugX malware against Belgian and Hungarian diplomatic entities over the last two months, according to a new report.
- China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks (2026-03-27)
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered that a China-linked threat group known as Red Menshen has been running a long-term espionage campaign by infiltrating telecom networks, mainly in the Middle East and Asia. Active since at least 2021, the group uses highly […]
