US EditionWindows Zero-Day Actively Exploited to Spy on European Diplomats
14 Articles
14 Articles
The attackers exploited a Windows vulnerability in the attack, which began in September and continued into October, luring their targets with emails seemingly from the European Commission.
eSecurityPlanet
IT Security News - cybersecurity, infosecurity newsUNC6384 Exploits Zero-Day to Target European Diplomats
Arctic Wolf researchers found an active cyber-espionage operation by Chinese-affiliated actor UNC6384 targeting European diplomatic entities, notably in Hungary and Belgium. The campaign operationalizes a Windows shortcut vulnerability and culminates in PlugX remote access trojan (RAT) deployment via DLL side-loading of signed Canon utilities. Campaign Overview UNC6384 blends refined social engineering with rapid vulnerability adoption. Spearph…
Unpatched Windows Vulnerability Continues To Be Exploited By APTs (CVE-2025-9491) - Cybernoz - Cybersecurity News
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected] is attributable to UNC6384. This attribution is based on multiple converging lines of evidence including malware tooling, tactical procedures, targeting alignment,…
In a blog article published on October 30, 2025, researchers from the cybersecurity company Arctic Wolf highlight a vast cyber-espionage campaign attributed to China and targeting European diplomats. Their arsenal of attack? From social engineering, a Trojan horse and the exploitation of a Windows vulnerability.
Chinese hackers broke into the computers of Hungarian EU diplomats - The hackers may be linked to the Chinese state.
Coverage Details
Bias Distribution
- 50% of the sources lean Left, 50% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
