TrueConf Zero-Day Exploited in Asian Government Attacks
A Chinese threat actor exploited the video conferencing platform to perform reconnaissance, escalate privileges, and execute additional payloads. The post TrueConf Zero-Day Exploited in Asian Government Attacks appeared first on SecurityWeek.
Chinese hackers have exploited a zero-day vulnerability in the TrueConf video conferencing software in attacks against government entities in Asia, Check Point reports.
The exploited bug, tracked as CVE-2026-3502 (CVSS score of 7.8), exists because the application does not properly verify updates before applying them.
This results in the execution of malicious code if an attacker could tamper with the update code, and this is the mechanism that was exploited in the observed attack, Check Point says.
Source: https://www.securityweek.com/trueconf-zero-day-exploited-in-asian-government-attacks/
Related breach coverage
- Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities2026-04-14
The security defects allow attackers to escalate privileges and execute arbitrary code remotely. The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek.
- Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises2026-03-05
Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead. The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first on SecurityWeek.
- Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit2025-12-30
The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor. The post Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit appeared first on SecurityWeek.
- Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign2025-11-14
A state-sponsored threat actor manipulated Claude Code to execute cyberattacks on roughly 30 organizations worldwide. The post Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign appeared first on SecurityWeek.